I'm using a PIX 515 with IOS version 7.0(4) and a websense filtering server. Everything works fine until the server is taken offline for maintenance. When the server is replaced I have to re-create the url-filtering commands on the PIX in order for the server to start filtering again. Any ideas on why this must be done?
I am facing a problem in integrating PIX525 (1:1 Active-Stdby), IOS 6.34. I have followed the documentation provided by Websense to do that. Websense ver is 6.1
I have taken the Ethereal cap to see the TCP handshake between PIX and Websense. But it is not able to filter anything. I am using Websense for Intranet only so have created custom URLs based on IP addresses and hostnames. Also I have tried to connect the Websense server on SPAN port also but Test visibility tool is unable to find any IP addresses for Network agent.
On our setup we have three interfaces for the Websense device. For one interface (the non-filtering interface) I have a SPAN session set up so the Websense can see all traffic. The second interface is the one I have the URL redirects going to. The third interface is for the Websense database.
Is your intranet traffic traversing your firewall? Can you send your configuration for the websense filtering?
The config from PIX is fine as now I am able to see logs on Test Log server. Now I am trying to use Websense for URL filtering of Intranet pages. Please see the details below and suggest if possible.
Clients are identified based on IP addresses and a policy should be made to permit authorized access of web apps based on URLs.
Please suggest if Websense can be used for URL filtering of an Intranet made of private IP addresses. The details regarding the setup are as follows.
Firewalls: Two PIX525 in Active-Stdby FO mode. Inside IP 10.100.200.4/24
Mode: Integrated Cisco PIX firewalls
Version: 6.1.1 with database downloaded (Aug28)
OS : Windows 2003 server
Physical Placement: In the inside zone of firewall. The application servers are currently placed in the same zone. Some Intranet servers will be accessed through DMZ zone also later on through a WAN link.
Physical Connectivity: Server has 2 NIC. 1 NIC for Management (IP 10.100.200.6)
NIC 2 is used for monitoring (IP address 192.168.0.197/24)
Websense is configured to send block information through NIC 1
A policy is made that allows permitted category. In User defined two sub categories are created "Allowed" and "Blocked" and respective custom URLs are created in that. Only "Allowed" category is permitted and other one blocked.
When respective pages are accessed the Test Log server shows activity and the disposition comes as Blocked and Allowed URL but the URL that is blocked can also be accessed by user.
These are the lines that are configured in PIX for Websense. I am getting matches on the TestLogserver on Websense. But Websense is not able to block anything nor does the block-message from Websense appear. I am using it for Intranet URLs based on IP addresses and domains resolved by local DNS only.