Cisco Firewall :: URL Blocking Through ASA 5510 Without ISA
May 10, 2011I have cisco ASA 5510 with ios version 7.07 & all users are browsing the internet via PAT through ASA. i want to block some sites/URLs like facebook, yahoo etc.
View 2 Replies
ADVERTISEMENT
Cisco Firewall :: ASA 5510 Blocking Port 25?
Dec 13, 2010I have a Cisco ASA 5510. I have detected an infected workstation on my internal LAN which has caused my IP to be blacklisted by Barracuda Networks and other RBL. I have scanned and cleaned the workstation removing the spambot. I want to prevent all my internal workstations from sending SMTP traffic on Port 25 through my ASA 5510 device. I only need to allow my Exchange Server access to send out traffic on port 25. configure this setup using ASDM 5.0? I know it may be easier using CLI, but using the ASDM would really be preferred.
View 4 Replies View RelatedCisco Firewall :: 5510 Blocking All Websites Except Few
Nov 16, 2011How to block a single website, but I want to do the opposite. I would like to block all website except for a handful of them. Any example configs?
View 3 Replies View RelatedCisco Firewall :: 5510 CSC SSM Blocking Valid Site
Sep 10, 2012We have a Cisco ASA 5510 with a CSC SSM 20 module installed. As of this morning a valid site (Public School System) is being blocked at my site. It says the site is of High risk. I have tried entering the site in the block list exceptions but it still comes up as a high risk site.
View 2 Replies View RelatedCisco Firewall :: ASA 5510 ACL For Blocking Outbound SMTP
Jan 30, 2013I'm trying to configure a simple ACL to block smtp traffic from leaving my LAN -- basically prevent internal users from setting up internet email accounts in their email clients and sending through that smtp server. i want my Exchange server only to send smtp traffic. here's what i have:
-access-list 102 extended permit tcp host 10.10.1.29 eq smtp any eq smtp <===10.10.1.29 is Exchange
-access-list 102 extended deny tcp any eq smtp any eq smtp
-access-list 102 extended permit ip any any
-access-group 102 in interface inside
after i apply this ACL to the ASA, i am still able to send from my internet email address setup in Outlook using my "foreign" smtp server.
Cisco Firewall :: ASA 5510 - CSC SSM Blocking Valid Site
Jul 8, 2012We have a Cisco ASA 5510 with a CSC SSM 20 module installed. As of this morning a valid site (Public School System) is being blocked at my site. It says the site is of High risk. I have tried entering the site in the block list exceptions but it still comes up as a high risk site...
View 1 Replies View RelatedCisco Firewall :: Blocking Outbound Port 80 Traffic Using ASDM On ASA 5510
Nov 26, 2012I am attempting to block outbound traffic for a specific PC on my LAN using the ASDM.
View 2 Replies View RelatedCisco Firewall :: ASA 5510 / Blocking / Shunning Hosts With Service Policy Rules?
Dec 20, 2012I have an ASA 5510 deployed and we are getting a tonne of port scanning traffic (who isn't these days) and ping traffic.The threat scanning thresholds seem a bit too high and was wondering if there is a way to use a Service Policy Rule to perform a Shun/Block of the hosts rather than the firewall simply blocking the request via the ACL and sending a reply.
In other words, if I do nothing, I know the ACL is protecting the resources but it is still replying to the client connection. I want the end result to be the same as a "Shun" where the connection is dropped and no reply is sent. how to employ Service Policy Rules to thwart Port Scanning and/or IP Spoofing?
Cisco Firewall :: ASA5505 Firewall Rule Not Blocking
Apr 1, 2013I'm trying to troubleshoot an ASA5505.
The original goal was to block "Mumble/Murmur" (a voip app) traffic, which runs on TCP/UDP 64738, both inbound and outbound, except to a certain host (63.223.117.170).
However, when nothing I tried seemed to make a difference, just to troubleshoot, I decided to try blocking all inbound traffic. I first disconnected ethernet port 0/0 to ensure that it was cabled correctly and the outside interface went down when I did. That worked as expected, so I confirmed I had the right interface and it was cabled correctly.
I then applied a "any any deny ip" rule as the first element in the outside interface access_list, as you can see below. However, it appears to have had no real effect and the hit count is very low (it should be astronomical).
show ver
Cisco Adaptive Security Appliance Software Version 9.0(2)
Device Manager Version 7.1(2)
Compiled on Thu 21-Feb-13 13:10 by builders
System image file is "disk0:/asa902-k8.bin"
[Code].....
Cisco VPN :: ASA 5510 Implicit Deny Access Rule Blocking Site-to-Site VPN?
Apr 22, 2012I've setup a site to site vpn on an ASA 5510 using ASDM (as I have many times before) and the tunnel appears to be up but I am not able to pass traffic. When I run the packet tracer from my inside network to the remote destination network, it shows that it is blocked by the implicit deny ip any any rule on my inside incoming access list.
View 5 Replies View RelatedCisco :: Firewall Blocking Users From Connecting From Outside?
Oct 5, 2012I set up a cisco 2811 to replace a netgear router at the office. I have nat set up and with ccp I added a firewall on the router using the basic firewall wizard. Just about everything works internet, receiving and sending emails on exchange from the pc. Issue I'm having noone can access the company email on their phone.Also theres a camera system that would be accessible to view from the live feed from outside the office and my boss can't access the camera. I port mapped all the custom applications and added new traffic rule from self -> outzone. It didn't work tried to add one from outzone -> self or inzone but i get a prompt stating it only accepts protocols tcp,udp, sip, h323, icmp and a few other I can't think of. I'm pulling out my hair trying to get this to work everything worked seamlessly on the netgear router and nothing was really defined just the inbound ip address of the applications and protocols that are allowed.
Lets say for reference purposes my ip addresses for internet is
internet
55.34.23.43 /24
email server
192.168.10.252 /24
web cam application
192.168.10.10 /24
8000 in
8001 out
Cisco Firewall :: ASA5505 URL Filtering / Blocking?
Jul 7, 2012I have ASA 5505 running 7.2.4, I want to prevent users accessing some web sites such as facebook , youtube and hotmail etc.
Which ASA 5505 IOS version should I use to block web access?
I don't want to isntall a dedicated filtering server ( websense etc) , I just want to block web sites statically on ASA 5505 via ASDM as I only have few sites to block.
know if ASA 5505 can do URL filtering, and what IOS is required ?
Cisco Firewall :: ASA 5505 Blocking FTP Port
Nov 28, 2011I am working on an ASA5505 and am trying to open the ftp port. I have a server (192.168.10.202) on the local LAN which is attempting to download antivirus updates from the net via ftp.
Saved
:
ASA Version 8.3(2)
!
hostname SITE
enable password XXXXXX
passwd XXXXXX
names
[code]....
Cisco Firewall :: SA520W - Blocking URLs
Mar 17, 2011I purchased a SA520W for my company, and i have some probles for configuring firewall. I want to deny access to facebook, youtube and twitter but not for 4 hosts which needs this websites for work. I tried to configure content filtering > blocking URLs but with this solution, I deny acces for all users, So, I tried to make IP v4 rules :
The 4 hosts who may access to these websites are 192.168.50.124 to 127
Example :
FROM Zone : LAN
TO : WAN
Service : Any
Action: block always
Source hosts : 192.168.50.32 to 192.168.50.123
destination hosts : 66.220.158.11 (one of the facebook's ip)
but it does not work. So, I am looking for an other solution, or maybe my rule is not correctly configured ?
Cisco Firewall :: Blocking P2P Traffic On E2500?
Feb 15, 2013networking but can understand with a bit of explanation.. I own a restaurant and provide free WiFi for my customers with a Cisco E2500, I am gettign bills that are through the roof, I contacted my ISP and was told users were accessing P2P downloads(uTorrent, etc.). How can I block these applications?
View 1 Replies View RelatedCisco Firewall :: Blocking Countries On ASA 5505?
Sep 8, 2011I am required to block the IP neworks used by approx 10 coutries. The issue is if using an ACL this works out to be about 18,000 lines, I have done all the summarization possible.. are there any other options? as the ASA 5505 crashes when implementing this many lines.
View 3 Replies View RelatedCisco Firewall :: 2800 - Blocking Url Access?
Jan 30, 2012I wish to block some url that users have access through my LAN
Thats i wish to block icmp,access towards such sites, i wish to block icmp because dns will resolve the domain and they can access through ip address.
what i have in place is a cisco 2800 series routers
Cisco Firewall :: ASA 5520 - Blocking In / Out Emails
Feb 26, 2013I've configured a Cisco ASA5520, i can access to internet and other applications in my office but when i sent an email from inside to outside and vis-versa, i can't receive emails in both side
View 3 Replies View RelatedCisco Firewall :: Blocking DHCP On 1921 K9
Apr 19, 2012I have a 1921 k9 router that has several DHCP pools configured. Before implementing the firewall they were all working. After implementing it they stopped working. I messed around and got the routed port GE0/1 handing out IP addresses and left it alone. Somehow it quit handing out IP addresses yesterday.I dont know if its a quick fix or not (getting DHCP working on the interfaces) but if any article that will walk me through getting DHCP working on all of the interfaces. [code]
View 10 Replies View RelatedCisco Firewall :: ASA 5505 Port Blocking?
Jun 24, 2012I have an ASA 5505 running 8.4.I am only letting ICMP traffic in from the outside.As a test, I opened a couple of ports I need on the ASA.I cannot access these ports and I do not get a denied error in the log.
I contacted the ISP and they are not blocking these ports.I ran an online port scanner to check ports 1-100 as a test. They all came up as blocked on the port scanner. The only deny error I got on the ASA was for port 80.Is this normal behavior? If so, how do I get it to show all of the deny errors so I know the traffic is at least hitting the firewall?
Cisco Firewall :: ASA 5520 - CSC Blocking Using IP / Users
Jan 17, 2012I am new at ASA 5520 and CSC module (version 6.3). I would like to know what configurations are possible for my network users if i use the CSC trend micro blocking using IP address or AD users, I know that i could select users/groups from the windows AD or select the IP addresses that i want to use for blocking or permit HTTP traffic (URL, etc).
My question is on the client side, how the CSC knows what AD users is the one that is requesting certain HTTP pages, or if i user a proxy server, i lose the IP/users options on the CSC??..or i could use authentication options on the proxy for example?.
I have been looking information about this but the manuals only explain the configuration options that i could configure on the CSC Trend Micro page, but it doesn't say which network environment i could use or need.
Cisco Firewall :: ASA 5520 For Blocking LogMeIn And GoToMyPC
Sep 1, 2010How to block LogMeIn and GoToMyPC? We are using an ASA 5520. We mainly want to prevent people coming into our network using those applications. Also, our helpdesk uses LogMeIn Rescue and would need to allow that for them.
View 6 Replies View RelatedCisco Firewall :: ASA5505 Blocking LAN Domain Queries
Dec 6, 2012data centre hosted system with 4 servers connected to a CISCO ASA5505, everything was working fine with 4x windows server 2003 machines but since pulling 2 out and replacing them with windows server 2008 machines i get a flood of the error below and it blocks communications back to the IP listed which is the domain controller so naturally this makes the 2 new servers unusable.
1: they are all connected to the inside VLAN directly via the ASA's switch ports.
2: the are all in the same 255.255.255.0 subnet including the ASA inside interface
3: removing the gateway on the affected machines makes no difference the ASA continues to block it which indicates whether or not the machines use the asa as a gateway its inspecting the traffic and blocking. [code]
Cisco Firewall :: SA520 Blocking Incoming Calls?
Nov 8, 2012I have an SA520 that is being used as a front end firewall. Behind it I have an IP PBX. The VOIP provides are registered and I can make outgoing calls. However It appears that the SA520 is either blocking or not routing the calls. I have opened the ports recommended by both the IP PBX and the VOIP provider. What do I need to do to make incoming calls through the SA520?
View 1 Replies View RelatedCisco Firewall :: 5520 - Blocking URL And Instant Messenger
May 11, 2011Can we block websites and messenger on Cisco ASA 5520 running code 8.2 , we are looking to block facebook.com , yahoo.com , twitter.com , msn messenger, yahoo messenger, google talk and messenger. All Internet traffic from users are passing via the firewall and for 20 users on this site we do not have microsoft ISA or bluecoat.
View 6 Replies View RelatedCisco Firewall :: ASA5520 Allowing / Blocking Skype
Sep 17, 2012I have the following: redundant ASA5520s on v8.2(1)proxy server/web filter for blocking access to websites for staff/studentsusers who want to use SkypeCisco Catalyst 4507 corea dozen VLANs for staff/student/WiFi etcCisco core policy that routes 80/443 to transparent proxy on a WiFi VLAN Windows desktops have direct proxy settings in IE .Pretty much all outbound ports are closed with 80/443 and a handful of specifics for various things open. Because of this Skype attempts to use 80/443 which are sent to the proxy server but bnecause they're not HTTP/HTTPS they cannot be understood. Skype attitude is to open 1024-65535 which is just plain stupid!
There's no way to specify which port(s) Skype uses for outbound. I tried opening 33000-33099 which worked perfectly for 2-3 devices (Win laptop, iPad) but others failed all the time.I've seen people mention using an AIP-SSM module in the ASA for blocking Skype (and other things eg torrents). Is it possible to use this module to allow Skype eg on ports 1024-65535 whilst blocking any other application from using those ports?
Cisco Firewall :: PIX 515 Blocking Outbound Traffic To Certain Sites
Oct 14, 2012 I have a LAN with several linux boxes (Fedora 17, both 32 and 64 bits), as well a a WInXP box. All of these are connected to the same switch, which is connected to the inside port of my PIX 515.
For a few sites (mozilla.org happens to be one of them), for http access, the tcp connection is established, but the "GET" request - or anything else for that matter - will not go through the PIX (from inside to wan). I have verified this by first, using wireshark to watch the packets being sent out from the client box, then by using the trace function in the PIX to see that the packets ARE arriving at the inside interface, but ARE NOT sent out of the wan interface.
This is for the linux boxes ONLY. When I do the same thing with my WinXP box, all works: in the PIX trace, I see the packets arrive at the inside interface, and leave the wan interace. And access to these sites are okay.
(What's a bit weird, although somewhat expected, when I connect my android phone to my LAN via WiFi, it too is unable to reach those sites - but then again, android is linux, right?)
In addition to the tracing, I have narrowed this problem down by connecting a linux box directly to my DSL router, then replacing the PIX with a simple router/gateway. Both of those solutions work.
Some background:
I have been using this PIX for about 10 years now, with the same configuration (except IP addresses). Only in the last several months has this problem started to show up.
I got this pix from a dead company at a really great price (free), so I'd like to keep it, and not have to spend money on something else. I don't have any support license, and have not been able to get any software upgrades. Here is its version info:
taz(config)# sho ver
Cisco PIX Firewall Version 6.2(2)
Cisco PIX Device Manager Version 2.0(2)
Compiled on Fri 07-Jun-02 17:49 by (code)
Serial Number: 405200362 (0x1826ddea)
Running Activation Key: 0x38ac31f3 0x0630df47 0x9a77b805 0x8bc39a60
PS: Since this PIX is at its end of life, I was wondering if any of the software upgrades would be now available without a license?
Cisco Firewall :: 2851 HTTPS URL Blocking Using Class Map
Aug 3, 2011I have a request for blocking urls using a class map. I have made this work with HTTP, however it does not work for https. This is a 2851 router with IOS Version 12.4(15)T7. I see i could use the command "match protocol secure-https" however this does not let me specify any specific urls.
Does a new IOS version will support what I'm trying to do? Or if there is another way?
Cisco Firewall :: 2921 - ZBFW Not Blocking Traffic From DMZ
Apr 22, 2013OK, I have a 2921 on 15.3-2T. ZBFW is working from the inside to the outside, but the DMZ is not being blocked at all to the inside. I am currently running with subinterfaces. All interfaces have zones attached. I have policies from inside to outside and DMZ to outside, those work fine. Without any policy from DMZ to inside, it can pass traffic freely from DMZ to inside. I have tried making an explicit policy to drop all to inside, still passes. I ended up just having to put an ACL on the interface
I already tried upgrading the IOS, that is how I ended up on the newest version. This is connected to a 2960S with a trunk port. Everything else works perfectly except for the DMZ security. I haven't had time to try to lab it up yet, but wanted to see if any reasons this shouldn't work, as all documentation says it should drop all traffic unless you make a policy to pass traffic.
Cisco Firewall :: 5520 - URL Blocking To Be Applied To Specific Users
Feb 10, 2010I am having ASA firewall 5520. I want to block yahoo mail, gmail using regex for particular users only.
View 5 Replies View RelatedCisco Firewall :: ASA5505 - Blocking Internal Traffic Between 2 Servers
Oct 25, 2012I have a cisco ASA5505, it runs a wide site to site VPN network and has 4 servers connected to it
10.50.15.4 > fileserver
10.50.15.5 > domain controller (exchange)
10.50.15.6 > terminal server
10.50.15.7 > terminal server
Now yesterday i removed 10.50.15.6 and replaced it with a new terminal server with the same ip address, ever since the ASA is blocking traffic between it and the domain controller (example)
2Oct 27 201214:51:0510600710.50.15.655978DNSDeny inbound UDP from 10.50.15.6/55978 to 10.50.15.5/53 due to DNS Query What has me baffled is the only thing different between today and yesterday is the new server is windows server 2008 and the old one was windows server 2003. The new server has the same LAN ip address as the old one to make the changeover seamless for the users.
why all the sudden my ASA has decided to block the traffic between those machines? all the other machines can talk to it fine just not the domain controller, and seeing that this is a terminal server naturally you can see the problem i face!
this router has worked flawlessly for 2 years now without any config changes and i cant work out why its blocking traffic between those 2 machines.
Cisco Routers :: RV016 Firewall Is Blocking QuickVPN Access?
Feb 16, 2012We have had our router and remote computers set up with Quick VPN for over a year. We've had our share of problems but have worked around them.
Now, out of the blue, no one can connect to the VPN. I went in to try to do some 'troubleshooting' and the ONLY thing that allows our VPN connection to go through is to completely disable the RV016 firewall. We have too many remote users to actually start and stop the firewall everytime someone needs the VPN connection.
Cisco Firewall :: ASA 5540 Blocking Legit Traffic From Inside
Aug 21, 2011I just made a move from a PIX 506 to an ASA 5540. I have a user that currently logs into a web portal and runs a job. It is now erroring out. When I run the test it gives me the following message:
Testing ports...
Port 1433: Failed
Port 1150: Success
Port 80: Success
Port 443: Success
One or more tests have failed
The computer we access this site from is on the inside network and the ACL says permit ip any any from the inside out so I am not sure why it is failing. Under the ASA Home screen I see the Top 10 Protected Servers under SYN Attack and it appears that the ASA thinks this is some sort of attack.
