Cisco 2911 IOS Fireall configuration for HTTPS trafic block
I am configuring Cisco 2911 Sec-k9 router. i am able to block all the sites but not able to block Https Trafic like Facebook,youtube,some unwanted Sites. how to block them. i tried with key word blocking, but still https Sites are opening.
and i want give the full internet access to limited people
Without any additional license or equipment, that's very hard to achieve.
The best way to solve that problem is to use an ASA-NGFW instead of the IOS-router.
If you have to stick with the router you could use Cisco Web Security (CWS) formaly known as Scansafe. But that needs also an additional license.
With only the router you could try some dirty hacks. For example you can deny all unwanted IPs (that of Facebook, Youtube ...) in an ACL. But that is very hard to manage. Or you could control the DNS-communication in a way that your DNS-server return an internal IP of your own webserver for all the unwanted domains.
But all in all, you are using the wrong tool for that problem.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...