Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

IOS Trend Content Filtering - Blacklist

Is it possible with IOS Trend Content filtering to block all websites from specific users except only from 2-3 sites?

Cisco Employee

Re: IOS Trend Content Filtering - Blacklist

I believe so.  I haven't tried it but you

can follow the example here:

You can allow only the 3 sites (by destination IP address from these source computers IP add) so, it won't filter those.


Cisco Employee

Re: IOS Trend Content Filtering - Blacklist

I do not think you can achieve this with IOS content filtering as there is no option of blocking web access based on User policies.

- AD

Community Member

Re: IOS Trend Content Filtering - Blacklist

Based on document (DOC-8028) there is an option to filter specific hosts based on ACL.Therefore you can specify the users based on their IP address.

Filtered Hosts Class-Map

This class map is where the traffic to be filtered is matched. It can be based on protocols and ip addresses defined in ACLs.

class-map type inspect match-all filtered-hosts
match protocol http
match access-group 123

What I am thinking is how can I block all websites? Does the below command can block everything?

parameter-map type urlf-glob url-blacklist
pattern *
CreatePlease to create content