URL Filtering - Allowing one site, blocking all others
I want to use ASA to allow one computer to access only to one website (www.tsf.pt).
I used the following configuration but I am not being able to put it it to work, since all web traffic is denied.
access-list Inside_mpc line 1 extended permit object-group Web_Access object TI-Virtual any4 (group Web_Access allows http and https)
regex TSF "tsf\.pt"
policy-map type inspect http TSF parameters protocol-violation action drop-connection match not request uri regex TSF reset log
class-map TSF-Filter-class match access-list Inside_mpc
policy-map TSF-Filter class TSF-Filter-class inspect http TSF
service-policy TSF-Filter interface Inside
My ideia was that anything that did not match www.tsf.pt would be denied. After I failed to do it I configured the policy-map with a match request uri regex TSF (with reset and log) and when I opened the website I could see hit count increasing on the policy-map (this was just to check that ASA was processing regex).
After I tried the following policy that also did not work (did this because I didn't knew if there was an implicit deny at the end of the policy map)
policy-map type inspect http TSF parameters protocol-violation action drop-connection match request uri regex TSF log
match not request uri regex TSF reset log
Is there something wrong with my config? Am I missing anything?
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...