11-13-2015 12:18 AM - edited 03-11-2019 11:53 PM
Hello everyone!
There is one issue with ASA. In our compny we filter some resourses on our ISP devises simple adding acl and using IP addresses. Now we faced a problem, that some web-sites using one IP shouldn't be banned, after that we made up with idea of using ASA and filter HTTP headers. Unfortanetely, I am not familiar with ASA at all and with transparent mode in particularly. Could somebody advise me how can I test it in my lab?
I have: ASA-5585, software version 9.1(5)21 ,
ASR1000 , ASR9000, and Cisco 7606.
In our prodaction network we are going to have the following topology:
ASR1000 - is our SE then goes our PE device and it's ASR9000, we use it like switch, and then 7606 goes.
How can I do it in lab? How can I deal with routing?
I am looking for any pieces of advice.
Thank you!
Solved! Go to Solution.
11-13-2015 01:55 AM
Hi,
You can use the URL filtering on the ASA to block the HTTP. This is supported in transparent mode as well.
You can refer the below document regarding the URL filtering information.
http://www.cisco.com/c/en/us/td/docs/security/asa/asa91/configuration/firewall/asa_91_firewall_config/protect_filter.html#pgfId-1045692
Most of the websites uses HTTPS then we may have to use websence server for blocking the HTTPS sites.
Thanks,
Shivapramod M
P.S. Please rate helpful posts.
11-13-2015 01:55 AM
Hi,
You can use the URL filtering on the ASA to block the HTTP. This is supported in transparent mode as well.
You can refer the below document regarding the URL filtering information.
http://www.cisco.com/c/en/us/td/docs/security/asa/asa91/configuration/firewall/asa_91_firewall_config/protect_filter.html#pgfId-1045692
Most of the websites uses HTTPS then we may have to use websence server for blocking the HTTPS sites.
Thanks,
Shivapramod M
P.S. Please rate helpful posts.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: