02-11-2009 07:34 AM - edited 03-11-2019 07:48 AM
Recently we've introduced Websense to our environment and I am using a spanning port on the core switch to force all traffic destined to the Internet to go through websense, that works very well.
The problem we have now is that Remote Access VPN users (coming from the Internet of course) are not going through websense when accessing the Internet given their traffic does not go through the spanning port, rather they are coming from the OUTSIDE interface of the firewall. I am aware that there is another way of talking to websense and that is through the filter command on the firewall but it is only limited to a number of ports.
So the question is: How do we get ALL traffic going to the Internet to go through websense, both internal users as well as remote access VPN users.
Pls assist if you have this working.
02-11-2009 08:04 AM
Try this or something like it with your IP's.
url-server (inside) vendor websense host (Your IP) timeout 30 protocol TCP version 4 connections 5
url-cache src_dst 128
filter url http 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0
02-11-2009 08:50 AM
Does that mean I can remove the port spanning? Is this config global, ie. it applies to traffic coming from the INSIDE & OUTSIDE (VPN users)? Is it limited to specific ports or will it filter all ports going out?
02-11-2009 09:14 AM
Should apply to all...
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide