Solved

url filtering question on ASA?

Posted on 2010-11-26
8
460 Views
Last Modified: 2012-06-21
Hi Experts,

i came across this situation where in websense was configured for url filtering on the ASA and it had this command:

filter url ftp 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 allow

according to my understanding filter url is for http traffic but the above command points me to http traffic on port 21. is that correct?? if so what kind of traffic is it? and how does the websense deal with this or what will it look for?

i ask this coz in this scenario when some one does a http://ftp.xyz.com it does not allow access to this site. but when i remove this command everything is fine.

any help would be appreciated.

thx.
0
Comment
Question by:ullas_unni
  • 4
  • 4
8 Comments
 
LVL 20

Expert Comment

by:RPPreacher
ID: 34221580
This filters FTP connections from any source to any source.  Port 21.  Not HTTP.
0
 
LVL 4

Author Comment

by:ullas_unni
ID: 34221635
i thought that was done by the command

filter ftp 21 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 allow
0
 
LVL 20

Accepted Solution

by:
RPPreacher earned 500 total points
ID: 34221839
0
 
LVL 4

Author Comment

by:ullas_unni
ID: 34221972
i understand that port is optional but the doc says:

 'Replace port with the port number on which to filter HTTP traffic if a different port than the default port for HTTP (80) is used. In order to identify a range of port numbers, enter the start and end of the range separated by a hyphen.'

so how is it ftp traffic?
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 20

Expert Comment

by:RPPreacher
ID: 34222161
Because it is.  Because that is the command for filtering FTP.  Because it says "filter url FTP"

Because if you were going to filter HTTP, it would say "filter url HTTP"
0
 
LVL 4

Author Comment

by:ullas_unni
ID: 34222245
okay.. then does filter ftp 21 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 allow do the same functionality?
0
 
LVL 20

Expert Comment

by:RPPreacher
ID: 34222248
filter ftp is 6.x command
filter url ftp is 7.0 and 8.0 command
0
 
LVL 4

Author Comment

by:ullas_unni
ID: 34222252
you know what.. i think i got confused! i looked this up in the command reference tool and got the idea. anyways thx.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Join & Write a Comment

How to configure Site to Site VPN on a Cisco ASA.     (version: 1.1 - updated August 6, 2009) Index          [Preface]   1.    [Introduction]   2.    [The situation]   3.    [Getting started]   4.    [Interesting traffic]   5.    [NAT0]   6.…
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now