Recently we've introduced Websense to our environment and I am using a spanning port on the core switch to force all traffic destined to the Internet to go through websense, that works very well.
The problem we have now is that Remote Access VPN users (coming from the Internet of course) are not going through websense when accessing the Internet given their traffic does not go through the spanning port, rather they are coming from the OUTSIDE interface of the firewall. I am aware that there is another way of talking to websense and that is through the filter command on the firewall but it is only limited to a number of ports.
So the question is: How do we get ALL traffic going to the Internet to go through websense, both internal users as well as remote access VPN users.
Re: PIX\ASA configuration for Websense URL filtering
Does that mean I can remove the port spanning? Is this config global, ie. it applies to traffic coming from the INSIDE & OUTSIDE (VPN users)? Is it limited to specific ports or will it filter all ports going out?
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...