Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1624
  • Last Modified:

Configure website filtering on Cisco router

Need help in setting up the Cisco router to block websites.
Need to block facebook, craigslist, myspace, etc.

I tried the URL filtering but when i enable it, it blocks all websites. (weird)
and after i enable it, it asks me to add "any any port on the ACL" (dont know how to do that)

dont know much about Cisco, so it would be great if i get full instructions on setting this up.

thanks in advance.
0
andrew_transparent
Asked:
andrew_transparent
  • 5
  • 5
  • 2
  • +1
1 Solution
 
damalanoCommented:
only thing i know ( but never used ) is explained here :

http://ardenpackeer.com/qos-voip/tutorial-how-to-use-cisco-mqc-nbar-to-filter-websites-like-youtube/

Hope it helps
0
 
andrew_transparentAuthor Commented:
ummm i dont think i have that network setup.
and that's REALLLLY complicated.

is there like a easy way, like normal routers have? just add the website to be blocked and your set?

tnx
0
 
damalanoCommented:
not that i know of sorry .
Maybe someone else.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
ajeabCommented:
If I'm not wrong, URL filter require addition purchase. (websense to be exact).
you can try to static set the dns address if you do your own DNS server (big job).
What I did with the place I work is to setup proxy server using DanGardian (free) and turn the category on from there.
0
 
andrew_transparentAuthor Commented:
i dont think you have to purchase it. or maybe im wrong?
i see it on the Firewall policies --> Application Security when using SDM

i just want to know how to set this up properly.
because as i was saying.. when i enable URL filtering it blocks all the websites.

tnx.
0
 
damalanoCommented:
Hey andrew,

I'm note sure if you have to buy websense as ajeab said. ( could be i could find it.
Here's how to configure. ( i haven't tried it but maybe you can ) Tell me if it works i'd like to know too ( i do'nt have an testing setup )

http://www.cisco.com/en/US/docs/ios/12_2t/12_2t15/feature/guide/ftwebsen.html
0
 
andrew_transparentAuthor Commented:
wow..that looks complicated.
i dont have a test setup too...im doing this LIVE ..yikes.


0
 
andrew_transparentAuthor Commented:
where's Jfrederick29???

i think he'll know a better way.hmmm
0
 
damalanoCommented:
ok you wait for Jfrederick29

Good Luck
0
 
andrew_transparentAuthor Commented:
is he seeing this question?
i asked him on the last question he answered for me to help me with this one too....

helppp :-(
0
 
damalanoCommented:
If you are looking for a one click install maybe you should not use cisco.
Cisco is and will always be a major part working in CLI. If this is too complicated for you maybe you should setup an isa server. That is more clickerdieclick. I hope Jfrederick29 did not see the question for you or else he doensn't know the one click answer too like me. And i know he's good !

My last link is not that complicated. i don't think you would find an easier solution. just backup your config and and folow the step-by-step instruction. If it does'nt accept an command it is probably not supported by your system. you need  at least 12.2(15)T .

If it fails restore your config and nothing happend.

Good luck again !

0
 
ajeabCommented:
websense that embed in cisco is part of websense enterprise.  the sample price here
http://www.securehq.com/group.wml&deptid=45&groupid=225&sessionid=200810712541217293
no way that websense or h2n2 will give it for free.  

I agree with damalano here.  Cisco is not plug-n-play device.  it's require some knowledge to set it up.  the last link is a step-by-step instruction.

if you want to use something easy, I did use a product call IBOSS from http://www.iphantom.com at one of my site.  It require subscription (but much cheaper than websense) . The device sit between your router and your modem.  it work similar to DanGardian but without computer.  There are different category for you to turn on/off to filter.  

hope this help
0
 
ajay2801Commented:
just use the WCCP and configure your router to redirect all you traffc to websense and then apply all the policies in the websense.
It will workd.

0
 
ajay2801Commented:
If you dont' want to use the Websens and do this on the router basis then use the QoS.
Use the class map to permit and deny the website and then call this class map in the policy map.

Then apply the policy map on the interface.
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 5
  • 5
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now