Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

URL Filter exemptions

Hello, just had a query regarding the web filter settings for a Cisco ASA 5510...

We recently purchased Websense Web Security for our office, & configured our Cisco Firewall according to this guide "PIX/ASA URL Filtering Configuration Example"  http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a008088517b.shtml

All working fine except for one website, www.flickr.com, which fails to load properly - it only loads the first few thumbnail images then appears get stuck on "waiting for l.yimg.com". I have tried adding flickr.com, staticflickr.com & yimg.com as exceptions in Websense although I'm pretty sure its not a Websense problem - I even deleted my laptop from Websense & the problem still occurs. However the flickr page loads fine from the same laptop if I access another wifi network out of the office.

I have to assume its something to do with the URL filter settings on the firewall, I don't want to delete the settings as Websense is otherwise working fine, but does anyone know if you can exempt certain URLs from being passed through the URL filter?

Thanks,

.

1 ACCEPTED SOLUTION

Accepted Solutions

URL Filter exemptions

Hello Rebel Scum (Nice nickname by the way )

so with the ASA you have the option to filter based on the source IP address and destination IP address.

It would be great if you get the IPv4 address used for that specific website so you can do the follow:

filter url except 10.1.1.1 255.255.255.255 4.2.2.2 255.255.255.255 allow

Where the 10.1.1.1 is your Client and 4.2.2.2 the webserver you cannot load

Pretty cool right

Note: Congrats by using the best Content Filter in the market

Looking for some Networking Assistance? 
Contact me directly at jcarvaja@laguiadelnetworking.com

I will fix your problem ASAP.

Cheers,

Julio Carvajal Segura
http://laguiadelnetworking.com

Looking for some Networking Assistance? Contact me directly at jcarvaja@laguiadelnetworking.com I will fix your problem ASAP. Cheers, Julio Carvajal Segura http://laguiadelnetworking.com
4 REPLIES
Cisco Employee

URL Filter exemptions

Hi,

I am moving this disuccion to Cisco Firewalling community for more appropriate audiences.

The Web Security community is focussing on Cisco Web Security Appliance.

Regards,

Donny

New Member

URL Filter exemptions

ok thanks Donny, fingers crossed

URL Filter exemptions

Hello Rebel Scum (Nice nickname by the way )

so with the ASA you have the option to filter based on the source IP address and destination IP address.

It would be great if you get the IPv4 address used for that specific website so you can do the follow:

filter url except 10.1.1.1 255.255.255.255 4.2.2.2 255.255.255.255 allow

Where the 10.1.1.1 is your Client and 4.2.2.2 the webserver you cannot load

Pretty cool right

Note: Congrats by using the best Content Filter in the market

Looking for some Networking Assistance? 
Contact me directly at jcarvaja@laguiadelnetworking.com

I will fix your problem ASAP.

Cheers,

Julio Carvajal Segura
http://laguiadelnetworking.com

Looking for some Networking Assistance? Contact me directly at jcarvaja@laguiadelnetworking.com I will fix your problem ASAP. Cheers, Julio Carvajal Segura http://laguiadelnetworking.com
New Member

Re: URL Filter exemptions

thanks Julio, thats a great help & yes I'm really pleased with Websense, no need to worry about proxy servers & you can catch all the smartphone data too

348
Views
0
Helpful
4
Replies