Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

TREND IOS Content FIltering on HTTPS?

Hi

We've got the new IOS Content Filtering (provided by Trend Micro) setup and working mostly good on one of our remote routers, but it is only scanning/blocking HTTP content currently. When I add the HTTPS to the class-map, it complains;

class-map type inspect match-any http-class

match protocol http

match protocol https

policy-map type inspect urlfilter trend-policy

parameter type urlfpolicy trend trend-pm

class type urlfilter whitelist

log

allow

class type urlfilter blacklist

log

reset

class type urlfilter trend drop-category

log

reset

policy-map type inspect insideOut

class type inspect intVPN

inspect

class type inspect insideOut

inspect

class type inspect http-class

inspect global

service-policy urlfilter trend-policy

class type inspect catchAllPrivate

inspect

class class-default

pass log

Is there any way to get IOS content filtering working on HTTPS, or will it always disable when it reboots and sees that HTTPS in the class map? Thanks.

4 REPLIES
Community Member

Re: TREND IOS Content FIltering on HTTPS?

Here is the msg displayed when trying to turn on HTTPS content scanning;

%Deep packet inspection action of the configured type not applicable to protocol "Other" in class "http-class". Please remove the protocol and try.

%Unable to attach child policy

Community Member

Re: TREND IOS Content FIltering on HTTPS?

Hi, I'm having the same problem. You somehow managed to solve it?

Community Member

Re: TREND IOS Content FIltering on HTTPS?

Sadly, we just stopped using this product as the only way was via white/black lists. Luckily we only have a single client still using this junk software.

Sorry sir

Community Member

Re: TREND IOS Content FIltering on HTTPS?

Thanks for your attention

De: jasonhumes

Enviada em: quinta-feira, 28 de julho de 2011 11:53

Para: Daniel Spalla

Assunto: - Re: TREND IOS Content FIltering on HTTPS?

Cisco Support Community<>

Re: TREND IOS Content FIltering on HTTPS?

created by jasonhumes<> in Firewalling - View the full discussion<>

853
Views
0
Helpful
4
Replies
CreatePlease to create content