Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

ASA 5505 and non-local Smart Filter

Greetings.

We have a site where there are several remote buildings that connect through a VPN to the main office at that location, and the main office then connects to our larger WAN.

We split the tunnels at these remote locations so surfing and whatnot uses local bandwidth.

We want to filter the web surfing at these locations, and have a web filter set up at the main office for that site, but the ASA's are not able to connect to the URL filter on the other end of the VPN tunnel.

Is what we're trying to do a supported configuration?

We could set it up so the outside IP of the ASA's has access to the internal URL filter, but we're using transparent authentication and I'm concerned about passing user credentials through an non-secured connection.

1 REPLY
Anonymous
N/A

Re: ASA 5505 and non-local Smart Filter

The PIX firewall can be configured to communicate with a Websense server to restrict outbound HTTP traffic (FTP and HTTPS in 6.3). The Websense server's essential responsibility is to create and enforce a set of policies to allow or deny access to specific URLs

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a00801e4197.shtml

235
Views
0
Helpful
1
Replies
CreatePlease to create content