url filtering question on ASA?
Hi Experts,
i came across this situation where in websense was configured for url filtering on the ASA and it had this command:
filter url ftp 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 allow
according to my understanding filter url is for http traffic but the above command points me to http traffic on port 21. is that correct?? if so what kind of traffic is it? and how does the websense deal with this or what will it look for?
i ask this coz in this scenario when some one does a http://ftp.xyz.com it does not allow access to this site. but when i remove this command everything is fine.
any help would be appreciated.
thx.
i came across this situation where in websense was configured for url filtering on the ASA and it had this command:
filter url ftp 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 allow
according to my understanding filter url is for http traffic but the above command points me to http traffic on port 21. is that correct?? if so what kind of traffic is it? and how does the websense deal with this or what will it look for?
i ask this coz in this scenario when some one does a http://ftp.xyz.com it does not allow access to this site. but when i remove this command everything is fine.
any help would be appreciated.
thx.
RPPreacher
This filters FTP connections from any source to any source. Port 21. Not HTTP.
ASKER
i thought that was done by the command
filter ftp 21 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 allow
filter ftp 21 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 allow
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
i understand that port is optional but the doc says:
'Replace port with the port number on which to filter HTTP traffic if a different port than the default port for HTTP (80) is used. In order to identify a range of port numbers, enter the start and end of the range separated by a hyphen.'
so how is it ftp traffic?
'Replace port with the port number on which to filter HTTP traffic if a different port than the default port for HTTP (80) is used. In order to identify a range of port numbers, enter the start and end of the range separated by a hyphen.'
so how is it ftp traffic?
Because it is. Because that is the command for filtering FTP. Because it says "filter url FTP"
Because if you were going to filter HTTP, it would say "filter url HTTP"
Because if you were going to filter HTTP, it would say "filter url HTTP"
ASKER
okay.. then does filter ftp 21 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 allow do the same functionality?
filter ftp is 6.x command
filter url ftp is 7.0 and 8.0 command
filter url ftp is 7.0 and 8.0 command
ASKER
you know what.. i think i got confused! i looked this up in the command reference tool and got the idea. anyways thx.