ASA5520 with ASA-SSM-20. Currently using Websense product for Web filtering. Need to find a way for Firewall/SSM to track/block users from using outside proxy servers using public IP address on port 80.
For tunnelling applications or web traffic? If applications, then they are most probably using the HTTP CONNECT method; there is a signature built into the Cisco IPS for that. You can set the action to Deny for that signature. But test it out beforehand :). Also exclude your genuine proxy servers from this signature using Event Action Filters.
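The distinction drawn in the reply above (tunnelled applications using CONNECT versus plain web traffic sent through a proxy, with genuine proxy servers excluded) can be checked offline against captured request lines. This is an added sketch, not part of the thread and not Cisco IPS configuration; the proxy address, the record layout and the sample requests are constructed assumptions.

```python
import ipaddress

# Assumption: the organisation's genuine proxy servers (constructed address).
SANCTIONED_PROXIES = {ipaddress.ip_address("10.1.1.10")}

# Constructed sample: (client IP, destination IP, destination port, request line)
SAMPLE_REQUESTS = [
    ("10.2.0.15", "10.1.1.10", 8080, "CONNECT mail.example.com:443 HTTP/1.1"),
    ("10.2.0.22", "203.0.113.7", 80, "CONNECT chat.example.net:5222 HTTP/1.1"),
    ("10.2.0.31", "203.0.113.7", 80, "GET http://www.example.org/ HTTP/1.1"),
    ("10.2.0.40", "198.51.100.9", 80, "GET /index.html HTTP/1.1"),
    ("10.2.0.41", "198.51.100.9", 80, "not-an-http-request"),
]

def classify(dst_ip, request_line):
    """Return 'tunnel', 'proxy-request' or None for one HTTP request line."""
    # Mirror the advice to exclude genuine proxy servers from the check.
    if ipaddress.ip_address(dst_ip) in SANCTIONED_PROXIES:
        return None
    parts = request_line.split()
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        return None  # not a well-formed request line
    method, target = parts[0], parts[1].lower()
    if method == "CONNECT":
        return "tunnel"  # application tunnelling through a proxy
    # Clients use the absolute-form target (full URL) only when talking to a
    # proxy; requests to an origin server carry just the path.
    if target.startswith(("http://", "https://")):
        return "proxy-request"
    return None

def find_outside_proxy_use(requests):
    """List (client, destination, port, verdict) for every flagged request."""
    hits = []
    for client, dst, port, line in requests:
        verdict = classify(dst, line)
        if verdict:
            hits.append((client, dst, port, verdict))
    return hits

if __name__ == "__main__":
    for hit in find_outside_proxy_use(SAMPLE_REQUESTS):
        print(hit)
```
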