取消
显示结果 
搜索替代 
您的意思是: 
cancel
4161
查看次数
6
有帮助
4
回复

asa5505 url过滤怎么设置?

wb_ww
Level 1
Level 1
asa5505 url过滤怎么设置?求教大家!
4 条回复4

yssqt5211
Level 1
Level 1
这个还没有做过,反正用深信服的 上网行为管理 很容易实现的。

lizhe20032004
Level 1
Level 1
可以参考这个,但是不太建议在ASA 上做,因为有不仅仅涉及 ASA配置的知识,还有一些正则表达式之类的,比较复杂。

lizhe20032004
Level 1
Level 1
老外的配置供进一步参考
1. Implementing White list
! defining the URL to filter
regex UBI-URL1 "yahoo.com"
regex UBI-URL2 "ubiqube.com"
! grouping url in one object
class-map type regex match-any UBI-URL-LIST
match regex UBI-URL1
match regex UBI-URL2
! specified the matching traffic to block
class-map type inspect http match-all UBI-HTTP-MAP
match no request header host regex class UBI-URL-LIST
! declare action to matching traffic
policy-map type inspect http UBI-HTTP-INSPECT
class UBI-HTTP-MAP
reset log
!applying the inspection
policy-map global_policy
class inspection_default
inspect http UBI-HTTP-INSPECT
OR
2. Implementing black list
! defining the URL to filter
regex UBI-URL1 "yahoo.com"
regex UBI-URL2 "ubiqube.com"
! grouping url in one object
class-map type regex match-any UBI-URL-LIST
match regex UBI-URL1
match regex UBI-URL2
! specified the matching traffic to block
class-map type inspect http match-all UBI-HTTP-MAP
match request header host regex class UBI-URL-LIST
! declare action to matching traffic
policy-map type inspect http UBI-HTTP-INSPECT
class UBI-HTTP-MAP
reset log
!applying the inspection
policy-map global_policy
class inspection_default
inspect http UBI-HTTP-INSPECT
3. Monitore the result via the logs
URL accessed
07-10-10 08:16:27 5 %ASA-5-304001: 10.10.10.10 Accessed URL 213.30.157.8:/page.php?2
URL Blocked
07-10-10 08:16:52 5 %ASA-5-415008: HTTP - matched Class 22: UBI-HTTP-MAP in policy-map UBI-HTTP-inspect, header matched - Resetting connection from inside:10.10.10.10/1423 to outside: 209.85.135.103/80
入门指南

使用上面的搜索栏输入关键字、短语或问题,搜索问题的答案。

我们希望您在这里的旅程尽可能顺利,因此这里有一些链接可以帮助您快速熟悉思科社区:









快捷链接