Cisco Support Community

HTTPS inspection on ASA with SmartFilter

Hi all,

I got an ASA5505 with URL-filtering through SmartFilter.

HTTP is working fine. HTTPS unfortunately can only be blocked on the SmartFilter with the IP address (e.g. https://70.42.13.100) and not with the domain name (e.g. https://www.cisco.com/).


On the ASA, syslog ID 304001 shows only <inside client ip> Accessed URL 70.42.13.10:https://70.42.13.10/ and this is what the SmartFilter is checking.

How can I tell the ASA to log/send the URL name to the SmartFilter?

Thanks,

Norbert

Accepted Solutions
Cisco Employee

Re: HTTPS inspection on ASA with SmartFilter

The SmartFilter blocks HTTPS by doing a reverse lookup for all illegitimate URLs.

In other words, when it sees the IP address you are HTTPS-ing to, it checks what domain the IP address belongs to and then decides if it needs to block.

The ASA does not know the URL because the HTTP has the URL encrypted, and so it can't log it.

I hope it makes sense.

PK
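
Added example (not part of the thread, and not Cisco or SmartFilter code): a Python script that parses 304001 messages and lists the HTTPS destinations for which only an IP address was logged, i.e. the ones the filter has to resolve by reverse lookup as described in the answer above. The log lines are constructed, modelled on the message quoted in the question; the `%ASA-5-304001:` prefix and all function names are assumptions.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Constructed sample lines (documentation addresses), modelled on the
# 304001 message quoted in the question. The prefix is an assumption.
SAMPLE_LOG = """\
%ASA-5-304001: 192.168.1.10 Accessed URL 198.51.100.7:http://www.example.com/index.html
%ASA-5-304001: 192.168.1.10 Accessed URL 203.0.113.20:https://203.0.113.20/
%ASA-5-304001: 192.168.1.11 Accessed URL 203.0.113.20:https://203.0.113.20/
%ASA-6-302013: Built outbound TCP connection (unrelated line)
"""

LINE_RE = re.compile(
    r"304001: (?P<client>\S+) Accessed URL (?P<dest>[0-9.]+):\s*(?P<url>\S+)"
)

def is_ip_literal(host):
    """True if host is an IPv4/IPv6 literal rather than a DNS name."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def parse_304001(text):
    """Return one dict per 304001 line; other syslog lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue
        parts = urlsplit(m.group("url"))
        host = parts.hostname or ""
        entries.append({
            "client": m.group("client"),
            "dest": m.group("dest"),
            "scheme": parts.scheme,
            "host": host,
            # A domain-based rule can only match when a name was logged.
            "name_visible": bool(host) and not is_ip_literal(host),
        })
    return entries

def ip_only_https(entries):
    """Map each HTTPS destination logged as a bare IP to its clients."""
    out = {}
    for e in entries:
        if e["scheme"] == "https" and not e["name_visible"]:
            out.setdefault(e["dest"], set()).add(e["client"])
    return out
```
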
