We have just buy a Cisco Small Business Router, model RV082. I need to enable the content filtering, but we just realized that this equipment does not filter HTTPS urls, even with the solution "Cisco ProtectLink Web" the equipment does not filter HTTPS urls.
For example, if I type on my browser just [URL], the access blocked, but if I type HTTPS:[URL], the access is allowed!Is there any way to block urls with HTTPS?
I am reviewing the Firewall Log's and the block ProtectLink classifications are not matching up to what I have set on the ProtectLink settings.For example the log side says:Oct 21 07:02:08 2011KernelThe URL(facebook.com) you(10.0.5.17) are attempting to access has been identified as Dialers site and has been blocked. But in the ProtectLink side it does not have any hits on the Dialer classification but instead incremented the counter in the Social Networking classification as it should. I was hoping to use the logs to quickly determin which real classification to either turn off for false postivies as I get used to which ones I should turn on and off for our environment.
I face a strange bahavior with my rv220w router : I set up access rules to deny all outbound trafic for a particular IP range. It seems to work fine .... but when I enable content filtering, HTTP access on port 80 works again (and other ports are denied). It seems that activating content filtering makes the router ignore firewall rule.
I'm working withbusiness set up a remote office, currently with about 45 PC's that could grow in the future. They are looking at a RV042G or (for long term future growth) a ISA570.They want to be able to do content filtering by category, ie restrict gambling, drugs, etc. sites rather than by URL or addresses.Is either the RV042G or the ISA570 capable of doing this?Are both routers to be available long term? ie, they are not on any end-of lists? I've looked and did not see them on any.Is the RV042G capable of handling an office even starting with 45 PC's? If not, is the 570 a good fit?
I have a Cisco RV082 that doesn't appear to filter any selected categories. To run through what i've done so far, within the 'Web Protection' screen i've: enabled URL filteringconfigured a number of categories to filter by putting a tick in the repective business hours boxset the business days to 7 days a weekspecified business time as 24hrshit the save button.
My licence appears as activated and my platform shows as "gateway service".I've gone on to a number of machines and all are able to access websites that fall under my blocked category (facebook for example even though i've blocked the social networking category).
I have a Cisco SR-520 router which I am trying to configure and install the IOS content filter. I have read many of the documents on this but some of the lines do not work, from using the pages belowURL you are supposed to enter parameter maps as follows:-
parameter-map type trend-global global-param-map server trps.trendmicro.com cache-size maximum-memory 256 cache-entry-lifetime 1
The router has 12.4 (20) T4, which is supposed to be supported, the only other way of configuring is using CCP which is not compatible with SR-520's you recieve hardware not supported message's.
I'm looking for a content filtering/antivirus/antispyware appliance for my company. Right now we have an ASA 5505 at the edge. We have several outside employees connecting via Cisco VPN clients to the ASA. I need an appliance that can do content filtering for my inside network, guest network, and VPN users. That's two local VLANs and a VPN pool which are all terminated at the ASA.
I've had good luck with Cymphonix in the past, but their boxes are a bit steep for the amount of throughput I need. We'll probably be moving from a 15/15 fiber connection to 80/10 cable soon since our provider can't seem to keep us online; even with an alleged "100%" SLA. They just don't have a network capable of anything close to 100% uptime, plain and simple.
I'd like to keep the ASA running as our firewall and VPN server, so the device needs to be able to do content filtering/av/as in a transparent mode.
I know the 5510 & 5520s support the CSC-SSM module for Content Filtering (Anti-Phishing, Anti Spam, URL filtering, Anti-Spyware & Antivirus), but what about content filtering for the ASA5525-K9.The problem that I have is that I need a firewall that supports up to 1 Gbps Maximum Firewall Throughput and to support 250 users with Content Filtering described above.I'm using the following doc for sizing and came across the ASA5525-K9 for 1 Gbps, but not sure about the Content filtering: url...
I have IOS content filtering using the Trend Micro subscription service working on a 2911 running 15.1.(3)T3 with the security license option and a 30 day demo Trend subscription. Once I figured out that the content filtering for Trend appears to be completely broken in 15.2 (even using docs for 15.2) I went back to 15.1 and it works great.
Everything seems great so far except I would like to have a more 'fancy' or custom blocked page where a user can have a couple links to either go to the trend micro reporting page [URL] or some other page, and maybe some branding so they know the page is coming from our network and is not some fake security thing or phishing attempt or whatever.
I know I can use the 'parameter-map type urlf policy trend ' section to do a tiny bit of customization of the text that appears on the default blocked page display and there is an option for it to go to a simple redirect instead ('block-page redirect -url') but how to do more with either the built in page or the redirect- url to keep the information of what page the user was trying to access and why it was blocked (category etc.) while adding more features.
Oh, one last thing, this doesn't support any kind of 'user override' or anything like that does it? So that a network can have a filter applied but an admin could override the filtering to allow temporary access to something?
I found an interesting manual at this forum for blocking websites whits local content filtering. After I've modified the variables to get more details, I stopped at on question. My current Problem is "zone-pair.
zone security Z-SECRUTIY-SOURCE zone security Z-SECRUTIY-DESTINATION zone-pair security ZP-SECURITY source Z-SECRUTIY-SOURCE destination Z-SECRUTIY-DESTINATION service-policy type inspect CM-INSPECT-TRAFFIC
I have two devices: One is a Linksys WRG54G router. The other is a PC running the Smoothwall router software with URL filtering. Either would work fine on its own as a router. I'm wanting to use them both, though, because each offers different features.Right now, the Linksys router is connected to the WAN and is my DHCP server. Its IP is 192.168.0.1. The Smoothwall box has a static IP of 192.168.0.2. I want all web traffic to go through Smoothwall (192.168.0.2) because it offers good web filtering.
I know I could use Smoothwall as my router and rid of the Linksys, but the whole idea behind this is to use the QoS and other features that Linksys firmwares offer (such as Tomato or DD-WRT), but still keep the ability to filter URLs.
1. I'm interested if it's possible to block certain contetn only at certain time ? e.g. We would like to block facebook from 7:00 to 10:00 and from 11:00 to 15:00. I was going through cisco manuals but can't find the right answer to this.
2. Cisco 871 has 4 LAN interfaces and one WAN interface. Currently WAN interface is connected to adsl modem in bridge mode and LAN 0 interface is connected to switch.
I'm interested if I could use remaining 3 LAN interfaces for adsl connections same as I'm using WAN interface. Then I would create vlans that would use LAN interface 0. Each of those VLAN's would use different adsl connection.I would assign different IP to each VLAN's so users would be able to change their gateway and use different ADSL connection.
It took me some time to get the load balancing (RV042 V3, v4.0.4.02-tm) working (my provider ist not returning any packets by the gateway ip on a ping). No I am ruinning into a performance issue. After activating PrtotectLink it takes a few hours or one or two days and the RV042 is reacting very slow. I need to reboot the RV042 and everything is ok again for some time ....Deactivating ProtectLink does not work only rebooting speeds the system up again.ProtectLink ist useless this way, anything I can do to get ProtectLink working?
We have successfully activated Protectlink Web but as we have observed that when we try to restart our router, Cisco Protectlink status is active but then when you look on license information on platform the status just states there is "Waiting...."Web Protection no longer working..In order for us to resolve this. We have to restore our router to factory default and then activate Protectlink and set all the settings again..As I have said this only happens when we restart our router?
We have implemented Cisco Protectlink Web Protection on our network.
By choosing the categories that we want to block everything worked well until we have noticed that when users try to browse social networking sites like [URL] this site is blocked but when users type in [URL] users that go directly to facebook.
and also with youtube if they add https:// users can then bypass our network block.
Is this somewhat a bug on the Protectlink Categories blocking?
Just a few weeks ago I purchased a rvs4000 router. On that small business device is a product called protectlink. To get an activation key, you need a registration key first. That is normal in the package. However, my wify like to cleanup up and throws stuff away that she should not do. So, I lost the registration key.
It is impossible to key a new registration key. The webstore does not have them. They are in the package and will not open an other one. Cisco (if you can get passed the ...you don't have a support contract...go away statement) does not even know that they have this product. Registration keys, never heard of it. But you get the normal ... go to the webstore or trendmicro.... And that after the statement, we don't know that product. How do you know that this is a trenmicro piece of software.....
getting a registration key for a cisco small business router rvs4000 to obtain an activation code for the cisco/trensmicro protectlink product.
I have activated Protectlink Web. But today i started to get "router is busy" in all pages, so we restarted the router. That problem was solved but now the the web Protection is no longer working. It says activated but licence status says waiting.
My customer's Protectlink license is set to expire in 2 weeks. I would like to enter the activation code I just obtained, but cannot find the link. When I go to the license page in the router, there is a link to renew, but that just takes me to the website to enter the new key code, then receive an activation code. There is not howver any link to enter the activation code. I assume that once the license actually expires, the activation link will then show up, but there must be a way to get to this page ahead of time.
A client of mine has an RV042 and wanted a trial of the ProtectLink Web content filtering. The trial has expired but the RV042 is still blocking websites such as Facebook. They have requested a user to have access but I can no longer modify the ProtectLink settings.
We have in our business some RV042 with Cisco ProtectLink Webfiltering. Until now we do not had any problem of activate the licence and it works has we axpected.
But the two last time that we went through the install procedure outlined in the ProtectLink Gateway install manual, the both RV042 do not run the service, we do not know why... So we have decide to stop buy and sold them until we find a solution.
The firmware install are the last one.
When I try to activate the product again, it shows as "Already registered". Trend has no idea why it won't work. They said Cisco sold the license, so try their support.
I have upgraded to the new RV042G to take advantage of the gigabit Ethernet speeds and to prepare for when our ISP upgrades our bandwidth. I currently use the RV042 with Protect Link enabled to filter out various categories from our network traffic. I noticed that this feature is not included with the RV042G.
Is this something Cisco will decide to add back in later? In the meantime, how to block content on the network? The basic URL and keyword filter will not meet our needs, since it is much easier to let a service such as Trend Micro manage what is blocked in the categories they offer.
I managed to block as much of the streaming video (using URL Blocks of .flv, .wmv, etc...) how do I block YouTube.com for 23 hours of the day (or allow access for 1 hour a day)...but maintaining all the other blocks intact 24 hours a day?
Also is there a way to block p2p file sharing (BitTorrent)?
I want to make a question about RV042. I used RV042 router in my office. I used content filter feature in router.Althought this have not been apply the rules. I think I made wrong rules.I enabled the block enable forbbiden domain .And then added the websites that I want block.However, these websites are still browsing in local computer.
I have come across articles mentioning that URL Filtering can be implemented by using ASA 5505 with URL Filtering Servers. But Websense and other Web Filtering Servers are paid ones ? Are there any free solutions available ? What exactly is N2H2 ? The reason is I don 't want to increase the CPU utilization of ASA by implementing URL filtering within the device. If I have around 30 nodes which connects to the internet via a 2Mbps line through ASA 5505 and if I want to block around say 10 or 15 URLs , will it increase CU utilization beyond permissible limits ? Currently the CPU Utilization is around 10 - 15 . Here's the infrastructure setup .
I have added a list of Mac numbers for allowed devices & checked the enable mac filtering box,but did not check the block box.All the Mac number devices, cannot access the wifi.But if I uncheck the "enable mac filtering box"all the Mac number devices can access the wifi.This also include other devices not in the list can also access to the wifi.It seem that the router can only block mac number BUT cannot have "allow list"I checked my firmware = 1.00.22 (Aug31 2000 14.36.01)Is this the latest firmware??