Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

URL blocking to be applied to specific users

Dear Team,

I am having ASA firewall 5520. I want to block yahoo mail, gmail using regex for particular users only.

How to go about it?

Thanks and Regards,

Divya

5 REPLIES
New Member

Re: URL blocking to be applied to specific users

The first response on this particular post to the forum pretty much sums up how it's done. I've tried it per this gentleman's response and it does work.

https://supportforums.cisco.com/message/880042#880042

Re: URL blocking to be applied to specific users

Unfortunatelly you cannot block the sites per user. You can block it based in the access-list  that you apply to the Class-map but not based in the username of a user in a domain controller for example.

Cisco Employee

Re: URL blocking to be applied to specific users

Divya,

The CSC module can do this based on active directory user accounts.  It goes in the slot on the back of the ASA.  Besides that you need to specify IP address and not username to block it.

You can read about the CSC module here: http://www.ciscosystems.co.ck/en/US/docs/security/csc/csc62/administration/guide/csc8.html

Another alternative is to use websense or N2H2 server on the inside to do content filtering.

-KS

Cisco Employee

Re: URL blocking to be applied to specific users

If you want to block the urls on the ASA only then use example in https://supportforums.cisco.com/docs/DOC-1268#Allow_every_url_for_specific_hosts_block_specific_urls_for_the_rest

It will give you exactly what you want.

I hope it helps.

PK

New Member

URL blocking to be applied to specific users

HI expert,

Would you please help me in this issue I have ASA 5510 and I need to block URL to be applied to specific users not using the IP address. I integrate ASA with my active directory now it’s (ASA) detecting the users from my domain but he is not applied the rules on the users.

It’s only working using the IP address using trend micro content security

Any help in this issue.

if you have any idea please contact me on my email :

mamer@vseegypt.com

mamer1983@hotmail.com

Thanks.

536
Views
0
Helpful
5
Replies
CreatePlease login to create content