Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

bypass proxy with url on different port

Hi All,

I have been told on my web filtering symantec cloud support, that they can't allow to access http://ip-address:89.  Symantec advise/told me to bypass this address in the proxy.

How do I do that with cisco asa 5515x if proxy is on the cloud and I never had experience also bypassing on a proxy locally?  Symantec proxy address is proxy2.us.webscanningservice.com and port is 3128.  Is it possible to just bypass that particular ip address above or the whole workstation, if the whole workstation then it's not good, for there will be no filtering on that workstation going to happened.

My configuration right now is that I have internal interface (called vlan192) and all other vlans connect to it, and it can get internet.  

Before I was using websense, but websense cease to function most of the time, I wasted paying them almost 5k last year.  Websense have the most stupid license limitation ever...  And I don't know if it can filter the above url problem or not, since I said websense all the time cease to function if license exceeded.  My license is 100 ip, yup their license is on the ips, not on the user, so even if my user is only 20, imagine they have all smart phone or blackberry, that will count double, plus 20 server or guess in the company.  But still 100 license should still work with websense and just cease to function on the exceeding ip and not for all.

 

Please help!

1 ACCEPTED SOLUTION

Accepted Solutions
New Member

first you need to find the

first you need to find the  ACL name on  ASA  which is being being used to control the internet access.

Let say web traffic  deny ACL number is 100 and you can add  with line  number 90 on top of this.

access-list  INSIDE_OUT line 90  extended permit tcp  any  host x,x,x,x eq 89 

 

"How to bypass proxy in window 7" you can search the same on google.

You will get step by step detail.

 

Hope this help.

 

 

 

 

 

Regards

Daljeet Singh 

3 REPLIES
New Member

Hi Neetu, If  i understand

Hi Neetu,

 

If  i understand correct then you are using cloud proxya and sending all internet traffic to Symantec for internet access and you need to bypass this URL in ASA.

I worked on similar issue with differnet proxy vendor.

 I believe you have an ACL on ASA which allow web traffic outside only destination to  Symantec proxy server.  If yes then first thing you need to add another ACL on top of this ACL to allow internal network traffic to destination  ip-address on port 89.

Also make sure you have routing in place for this outside IP from internal NW to outside.And on client machine add this IP in bypass proxy list.  Hope this helps.  please let me know if i misunderstood the quetsion and Scenario.

 

Thanks

 

Regards

Daljeet Singh

 

New Member

Hi Daljeet,Can you give me

Hi Daljeet,

Can you give me example of ACL with an ip-address:89 on ASA to allow it on top?

And how do I put this bypass proxy address on the client or windows 7?

 

Thanks and more power!

 

New Member

first you need to find the

first you need to find the  ACL name on  ASA  which is being being used to control the internet access.

Let say web traffic  deny ACL number is 100 and you can add  with line  number 90 on top of this.

access-list  INSIDE_OUT line 90  extended permit tcp  any  host x,x,x,x eq 89 

 

"How to bypass proxy in window 7" you can search the same on google.

You will get step by step detail.

 

Hope this help.

 

 

 

 

 

Regards

Daljeet Singh 

480
Views
5
Helpful
3
Replies
CreatePlease to create content