Wednesday, March 27, 2013

BLOCKING URLS AND INSTANT MESSENGER IN ASA Example



ASA Configuration

interface Ethernet0/0
 nameif outside
 security-level 0
 ip address 192.168.137.2 255.255.255.0
 no shut
!
interface Ethernet0/1
 nameif inside
 security-level 100
 ip address 192.168.1.1 255.255.255.0
 no shut

global (outside) 1 interface
nat (inside) 1 0.0.0.0 0.0.0.0
route outside 0.0.0.0 0.0.0.0 192.168.137.1


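Define a regex for each domain name to be blocked, such as facebook. The dot is escaped so that it matches only a literal "." and not any character.

regex url1 "facebook\.com"
regex url2 "myspace\.com"
regex url4 "twitter\.com"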


Create a regex class-map named urlreg that matches any of the domain names to be blocked

class-map type regex match-any urlreg
 match regex url1
 match regex url2
 match regex url4


Create an HTTP inspection class-map named http_url_policy that matches the Host request header against the regex class urlreg

class-map type inspect http match-all http_url_policy
 match request header host regex class urlreg


Create an IM inspection class-map named im-traffic that matches the MSN and Yahoo IM protocols

class-map type inspect im match-all im-traffic
 match protocol msn-im yahoo-im

Create an ACL that selects the interesting traffic for HTTP

access-list http permit tcp any any eq 80

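Create an ACL that selects the interesting traffic for IM. In an ACL referenced by a class-map, a deny entry does not drop traffic; it excludes the matching traffic from the class.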

access-list 101 line 1 extended deny ip 192.168.1.0 255.255.255.0 any
access-list 101 extended permit ip any any

Create a class-map named http-inspection to capture the interesting HTTP traffic, and assign it the access-list http

class-map http-inspection
 match access-list http

Create a class-map named im_inspection to capture the interesting IM traffic, and assign it the access-list 101

class-map im_inspection
 match access-list 101

Create an HTTP inspection policy named http_policy and map the class-map http_url_policy to it, with the action drop-connection

policy-map type inspect http http_policy
 parameters
 class http_url_policy
  drop-connection

Create an IM inspection policy named im-policy and map the class-map im-traffic to it, with the action drop-connection log

policy-map type inspect im im-policy
 parameters
 class im-traffic
  drop-connection log

Create a policy-map named block-url-im and map each inspection policy-map to its class

policy-map block-url-im
 class http-inspection
  inspect http http_policy
 class im_inspection
  inspect im im-policy

Apply the policy-map block-url-im to the outside interface with a service-policy so that it takes effect

service-policy block-url-im interface outside
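
The following Python model is an added example, not part of the original post and not ASA code. It walks constructed requests through the HTTP half of the policy (the tcp/80 ACL, the match-any regex class on the Host header, the drop-connection action) and compares patterns with an unescaped dot against the escaped form. Assumptions: Python's re module stands in for the ASA regex engine, which is equivalent for literals, "." and "\."; the host names are made up.

```python
import re

# Regex class "urlreg" in two spellings. Python's re is an assumed stand-in
# for the ASA regex engine (same meaning for literals, "." and "\.").
UNESCAPED = ["facebook.com", "myspace.com", "twitter.com"]      # "." = any character
ESCAPED = [r"facebook\.com", r"myspace\.com", r"twitter\.com"]  # "\." = literal dot


def verdict(dst_port, host, patterns):
    """Return 'not-inspected', 'drop' or 'pass' for one request."""
    # class-map http-inspection: access-list http permit tcp any any eq 80
    # Only flows to tcp/80 are handed to the HTTP inspection policy.
    if dst_port != 80:
        return "not-inspected"
    # class-map type regex match-any urlreg: one matching pattern is enough,
    # and the match is unanchored, so it may occur anywhere in the Host value.
    if any(re.search(p, host) for p in patterns):
        return "drop"  # policy-map http_policy action: drop-connection
    return "pass"


def compare(samples):
    """Map each (port, host) to (verdict unescaped, verdict escaped)."""
    return {s: (verdict(*s, UNESCAPED), verdict(*s, ESCAPED)) for s in samples}


# Constructed sample requests: (destination port, Host header value).
SAMPLES = [
    (80, "www.facebook.com"),            # listed domain, subdomain included
    (80, "m.twitter.com"),               # listed domain, subdomain included
    (80, "facebook-community.example"),  # unrelated site: "-" satisfies "."
    (80, "intranet.example"),            # unrelated site, no match
    (443, "www.facebook.com"),           # not tcp/80, outside the class
]

if __name__ == "__main__":
    for (port, host), (loose, strict) in compare(SAMPLES).items():
        print(f"{port:>5} {host:<28} unescaped={loose:<14} escaped={strict}")
```
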
