URL Filtering WITHOUT Websense??

Discussion in 'Cisco' started by ridergroov, Jan 3, 2007.

  1. ridergroov

    ridergroov Guest

    Hi folks. I am new to Cisco products and there are a few things I am
    trying ot configure. I am running a 2821 Router with IOS v 12.4(10a).
    I am trying to configure the URL filtering portion of the firewall ACL.
    I have configured to deny one site, then I enable the filter and it
    shuts down all internet sites. When I disable the URL filtering,
    everything works fine again. This looks pretty cut and dry but
    apparently it is not. I was also reading that I needed a websense
    server to use this feature? Is that correct? Thanks.
    ridergroov, Jan 3, 2007
    #1
    1. Advertising

  2. ridergroov

    AM Guest

    ridergroov wrote:

    > Hi folks. I am new to Cisco products and there are a few things I am
    > trying ot configure. I am running a 2821 Router with IOS v 12.4(10a).
    > I am trying to configure the URL filtering portion of the firewall ACL.
    > I have configured to deny one site, then I enable the filter and it
    > shuts down all internet sites. When I disable the URL filtering,
    > everything works fine again. This looks pretty cut and dry but
    > apparently it is not. I was also reading that I needed a websense
    > server to use this feature? Is that correct? Thanks.


    post what you have done.
    AFAIK the built-in filter is useful if you want to manage short lists of what to allow or deny. For more accurate
    management you need an external server.

    HTH Alex
    AM, Jan 3, 2007
    #2
    1. Advertising

  3. ridergroov

    ridergroov Guest

    Hi Alex,

    Yes I am only interested in blocking short lists. I am using the GUI
    interface to configure since I do not know the commands or how to use
    them yet. I have a training next week which will hopefully help out
    with that. Anyway, this is what I did:

    1. Logged into the router via web browser
    2. Clicked COnfigure at the top of the window
    3. Went to Firewall and ACL.
    4. Clicked on Application Security Tab
    5. Clicked on URL Filtering
    6. Checked Enable URL Filtering box.
    7. Clicked Add URL
    8. Entered www.google.com (for testing).
    9. Clicked Deny radio button.
    10. Clicked Okay
    - www.google.com shows up in list
    11. Clicked Apply Changes.

    After I do that I get the message "To enable URL Filtering, configure
    "any any" ACL for the Java Applet scanner to avoid performance issue."
    which I ignored and clicked OK. The commands are successfully delivered
    to router. After I do that, ALL websites give me the forbidden
    message. Any help would be appreciated. Thanks!


    AM wrote:
    > ridergroov wrote:
    >
    > > Hi folks. I am new to Cisco products and there are a few things I am
    > > trying ot configure. I am running a 2821 Router with IOS v 12.4(10a).
    > > I am trying to configure the URL filtering portion of the firewall ACL.
    > > I have configured to deny one site, then I enable the filter and it
    > > shuts down all internet sites. When I disable the URL filtering,
    > > everything works fine again. This looks pretty cut and dry but
    > > apparently it is not. I was also reading that I needed a websense
    > > server to use this feature? Is that correct? Thanks.

    >
    > post what you have done.
    > AFAIK the built-in filter is useful if you want to manage short lists of what to allow or deny. For more accurate
    > management you need an external server.
    >
    > HTH Alex
    ridergroov, Jan 3, 2007
    #3
  4. ridergroov

    ridergroov Guest

    Hi Alex,

    Yes I am only interested in blocking short lists. I am using the GUI
    interface to configure since I do not know the commands or how to use
    them yet. I have a training next week which will hopefully help out
    with that. Anyway, this is what I did:

    1. Logged into the router via web browser
    2. Clicked COnfigure at the top of the window
    3. Went to Firewall and ACL.
    4. Clicked on Application Security Tab
    5. Clicked on URL Filtering
    6. Checked Enable URL Filtering box.
    7. Clicked Add URL
    8. Entered www.google.com (for testing).
    9. Clicked Deny radio button.
    10. Clicked Okay
    - www.google.com shows up in list
    11. Clicked Apply Changes.

    After I do that I get the message "To enable URL Filtering, configure
    "any any" ACL for the Java Applet scanner to avoid performance issue."
    which I ignored and clicked OK. The commands are successfully delivered
    to router. After I do that, ALL websites give me the forbidden
    message. Any help would be appreciated. Thanks!


    AM wrote:
    > ridergroov wrote:
    >
    > > Hi folks. I am new to Cisco products and there are a few things I am
    > > trying ot configure. I am running a 2821 Router with IOS v 12.4(10a).
    > > I am trying to configure the URL filtering portion of the firewall ACL.
    > > I have configured to deny one site, then I enable the filter and it
    > > shuts down all internet sites. When I disable the URL filtering,
    > > everything works fine again. This looks pretty cut and dry but
    > > apparently it is not. I was also reading that I needed a websense
    > > server to use this feature? Is that correct? Thanks.

    >
    > post what you have done.
    > AFAIK the built-in filter is useful if you want to manage short lists of what to allow or deny. For more accurate
    > management you need an external server.
    >
    > HTH Alex
    ridergroov, Jan 3, 2007
    #4
  5. "ridergroov" <> wrote in message
    news:...
    > Hi Alex,


    > After I do that I get the message "To enable URL Filtering, configure
    > "any any" ACL for the Java Applet scanner to avoid performance issue."
    > which I ignored and clicked OK. The commands are successfully delivered
    > to router. After I do that, ALL websites give me the forbidden
    > message. Any help would be appreciated. Thanks!
    >



    I guees that like the ACL config guidelines, you have to permit SOMETHING in
    a filter, as there are a implict deny any at the end of any filter.

    So try to deny google, and then permit any.

    HTH
    Martin
    Martin Bilgrav, Jan 3, 2007
    #5
  6. It's rule for ALL Access-Lists - there is implicit "deny all" at the end of
    EVERY access-list (even though it's not shown in the config). It means that
    everything "not permitted" by an access-list will be dropped by default. So,
    you have to enable "everything else" at the end of access-list.

    Good luck,

    Mike
    ----
    Cisco IP Phone Headset Adapters
    www.ciscoheadsetadapter.com


    "ridergroov" <> wrote in message
    news:...
    > Hi Alex,
    >
    > Yes I am only interested in blocking short lists. I am using the GUI
    > interface to configure since I do not know the commands or how to use
    > them yet. I have a training next week which will hopefully help out
    > with that. Anyway, this is what I did:
    >
    > 1. Logged into the router via web browser
    > 2. Clicked COnfigure at the top of the window
    > 3. Went to Firewall and ACL.
    > 4. Clicked on Application Security Tab
    > 5. Clicked on URL Filtering
    > 6. Checked Enable URL Filtering box.
    > 7. Clicked Add URL
    > 8. Entered www.google.com (for testing).
    > 9. Clicked Deny radio button.
    > 10. Clicked Okay
    > - www.google.com shows up in list
    > 11. Clicked Apply Changes.
    >
    > After I do that I get the message "To enable URL Filtering, configure
    > "any any" ACL for the Java Applet scanner to avoid performance issue."
    > which I ignored and clicked OK. The commands are successfully delivered
    > to router. After I do that, ALL websites give me the forbidden
    > message. Any help would be appreciated. Thanks!
    >
    >
    > AM wrote:
    >> ridergroov wrote:
    >>
    >> > Hi folks. I am new to Cisco products and there are a few things I am
    >> > trying ot configure. I am running a 2821 Router with IOS v 12.4(10a).
    >> > I am trying to configure the URL filtering portion of the firewall ACL.
    >> > I have configured to deny one site, then I enable the filter and it
    >> > shuts down all internet sites. When I disable the URL filtering,
    >> > everything works fine again. This looks pretty cut and dry but
    >> > apparently it is not. I was also reading that I needed a websense
    >> > server to use this feature? Is that correct? Thanks.

    >>
    >> post what you have done.
    >> AFAIK the built-in filter is useful if you want to manage short lists of
    >> what to allow or deny. For more accurate
    >> management you need an external server.
    >>
    >> HTH Alex

    >
    headsetadapter.com, Jan 4, 2007
    #6
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Rob

    URL filtering question

    Rob, Oct 18, 2004, in forum: Cisco
    Replies:
    1
    Views:
    1,364
  2. Rob

    URL filtering app

    Rob, Jan 12, 2005, in forum: Cisco
    Replies:
    2
    Views:
    401
    Kevin Widner
    Jan 12, 2005
  3. Kent
    Replies:
    2
    Views:
    21,501
    rgs1000
    Oct 29, 2008
  4. Rich Pierson

    url filtering 2811

    Rich Pierson, Dec 1, 2007, in forum: Cisco
    Replies:
    2
    Views:
    383
    Doug McIntyre
    Dec 2, 2007
  5. lesniak81

    1801 + url-server (websense)

    lesniak81, Jul 22, 2008, in forum: Cisco
    Replies:
    2
    Views:
    538
    lesniak81
    Jul 23, 2008
Loading...

Share This Page