Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

asa 5505 url whitelisting/blacklisting?

I have an asa 5505 w/o websense or n2h2. Is there an easy way to do static URL whitelisting/blacklisting, and if so can someone point me in the direction to get started

2 ACCEPTED SOLUTIONS

Accepted Solutions

Re: asa 5505 url whitelisting/blacklisting?

You can use combination of regex & HTTP inspection with ASA 7.2+ code to achieve this

regex YOUTUBE "youtube\.com"

policy-map type inspect http xyz

parameters

protocol-violation action drop-connection log

match request header host regex YOUTUBE

drop-connection log

policy-map global_policy

class inspection_default

.

.

< SNIP..>

.

.

inspect http xyz

A good example can be found at

http://www.internetworkpro.org/wiki/ASA_and_PIX_using_http_inspection_to_filter_URLs_and_Hosts_in_HTTP

HTH

Syed Iftekhar Ahmed

Re: asa 5505 url whitelisting/blacklisting?

3 REPLIES

Re: asa 5505 url whitelisting/blacklisting?

You can use combination of regex & HTTP inspection with ASA 7.2+ code to achieve this

regex YOUTUBE "youtube\.com"

policy-map type inspect http xyz

parameters

protocol-violation action drop-connection log

match request header host regex YOUTUBE

drop-connection log

policy-map global_policy

class inspection_default

.

.

< SNIP..>

.

.

inspect http xyz

A good example can be found at

http://www.internetworkpro.org/wiki/ASA_and_PIX_using_http_inspection_to_filter_URLs_and_Hosts_in_HTTP

HTH

Syed Iftekhar Ahmed

Re: asa 5505 url whitelisting/blacklisting?

Community Member

Re: asa 5505 url whitelisting/blacklisting?

thanks! exactly what I was looking for

5152
Views
5
Helpful
3
Replies
CreatePlease to create content