07-23-2012 04:01 AM - edited 03-11-2019 04:33 PM
Hi,
I have Cisco ASDM 6.2 for ASA and I have been requested to add a list of URLs and IP address to the whitelist on the firewall.
I haven’t had much experience using this program so unsure of where I go to add these and I don’t want to risk changing anything that might affect the security of the firewall.
The address I need to add include:
IP address
https:// sites
http:// sites
Thanks
07-24-2012 02:23 AM
Does the ASA have CSC module or are you trying to deny that using access-list?
If the ASA has CSC module then you would need to connect to the CSC/Trend Micro configuration section.
If you only use access-list to deny access, you can only use IP Address. The full URL needs to use REGEX to deny.
And you can't block HTTPS using URL as the URL is encrypted. HTTPS using IP Address can be blocked using access-list.
07-26-2012 08:09 PM
Hi Bro
I guess you've to use the regex method for now, as mentioned by Jennifer Halim above. This is because "access-list webtype" is widely used in SSLVPN. Click here for further details http://www.cisco.com/en/US/docs/security/asa/asa84/command/reference/a1.html#wp1599455
P/S: if you think this comment is useful, please do rate it nicely and select "This Question is Answered"
07-27-2012 04:04 AM
Hi Laura,
Either go for an CSC-SSM (Content Security and Control - Security Services Module) for URL whitelisting or regex is an open option but its quite little complicated.
By
Karthik
07-27-2012 04:06 AM
Hi Laura,
Also regex option works only for http.
By
Karthik
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide