Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Adding URL and IP address to the Firewall

Hi,

I have Cisco ASDM 6.2 for ASA and I have been requested to add a list of URLs and IP address to the whitelist on the firewall.

I haven’t had much experience using this program so unsure of where I go to add these and I don’t want to risk changing anything that might affect the security of the firewall.

The address I need to add include:

IP address

https:// sites

http:// sites

Thanks

Everyone's tags (3)
4 REPLIES
Cisco Employee

Adding URL and IP address to the Firewall

Does the ASA have CSC module or are you trying to deny that using access-list?

If the ASA has CSC module then you would need to connect to the CSC/Trend Micro configuration section.

If you only use access-list to deny access, you can only use IP Address. The full URL needs to use REGEX to deny.

And you can't block HTTPS using URL as the URL is encrypted. HTTPS using IP Address can be blocked using access-list.

Re: Adding URL and IP address to the Firewall

Hi Bro

I guess you've to use the regex method for now, as mentioned by Jennifer Halim above. This is because "access-list webtype" is widely used in SSLVPN. Click here for further details http://www.cisco.com/en/US/docs/security/asa/asa84/command/reference/a1.html#wp1599455

P/S: if you think this comment is useful, please do rate it nicely and select "This Question is Answered"

Warm regards, Ramraj Sivagnanam Sivajanam Technical Specialist/Service Delivery Manager – Managed Service Department

Re: Adding URL and IP address to the Firewall

Hi Laura,

Either go for an CSC-SSM (Content Security and Control - Security Services Module) for URL whitelisting or regex is an open option but its quite little complicated.

By

Karthik

Re: Adding URL and IP address to the Firewall

Hi Laura,

Also regex option works only for http.

By

Karthik

2673
Views
0
Helpful
4
Replies
CreatePlease login to create content