cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
674
Views
0
Helpful
3
Replies

Cisco ASA5510

saroj pradhan
Level 1
Level 1

I have  cisco ASA5510 firewall  using in my network but  unable to bolck Url's  unwanted.

can i block the https://facebook.com  on the asa by using regular exp.

Thanks,

Saroj

3 Replies 3

Jennifer Halim
Cisco Employee
Cisco Employee

The ASA can not inspect HTTPS. You could deny name-resolution for facebook.com or use a proxy-server that can inspect HTTPS-traffic.

Hi,

You can not block https as the "get-request' for the facebook.com will be encypted. However you can use ASA to block facebook based on your DNS request in case you dns request is passing through the ASA. ASA can inspect that DNS packet and based on regex you can deny that dns request.

In this way user will never be able to connect to facebook.com (3-way handshake).

but if you are using an internal DNS server, ASA won't be receiving the request if it is in same LAN segment.

Regards,

Dinkar

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: