Solved: Re: asa 5505 url whitelisting/blacklisting?

ryancolson · ‎10-16-2008

I have an asa 5505 w/o websense or n2h2. Is there an easy way to do static URL whitelisting/blacklisting, and if so can someone point me in the direction to get started

Syed Iftekhar Ahmed · ‎10-16-2008

You can use combination of regex & HTTP inspection with ASA 7.2+ code to achieve this

regex YOUTUBE "youtube\.com"

policy-map type inspect http xyz

parameters

protocol-violation action drop-connection log

match request header host regex YOUTUBE

drop-connection log

policy-map global_policy

class inspection_default

.

< SNIP..>

.

inspect http xyz

A good example can be found at

http://www.internetworkpro.org/wiki/ASA_and_PIX_using_http_inspection_to_filter_URLs_and_Hosts_in_HTTP

HTH

Syed Iftekhar Ahmed

View solution in original post

Syed Iftekhar Ahmed · ‎10-17-2008

Another example at

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080940c5a.shtml

Syed