Re: websense urlfiltering always shown as disabled

From: Ajay mehra (ajaymehra01@gmail.com)
Date: Tue Oct 28 2008 - 06:26:42 ARST

Hi Ahmed,

I do not have "filter" or "ip filter" command in my IOS,
I am using
IOS (tm) 3700 Software (C3725-JK9O3S-M), Version 12.3(26), RELEASE SOFTWARE
(fc2)
Thanks,
Ajay

2008/10/27 Ahmed Ejaz <aahmedejaz@gmail.com>

> Hi,
>
> Add the following command to enable filtering:
>
> filter url http 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0
> OR
> ip filter url http 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0
>
> If you want to exclude any server or machine to go through the filter then
> add the ip of that server through this:
>
> filter url except 0.0.0.0 0.0.0.0 10.1.1.1 255.255.255.255 ----> (
> 10.1.1.1 server ip)
> OR
> ip filter url except 0.0.0.0 0.0.0.0 10.1.1.1 255.255.255.255 ----> (
> 10.1.1.1 server ip)
>
> Let me know if this helps
>
> Regards,
>
> Ahmed
>
>
>
> On Mon, Oct 27, 2008 at 4:45 PM, Farrukh Haroon <farrukhharoon@gmail.com>wrote:
>
>> I faced the same issue when studying for my security lab. Could not solve
>> it
>> easily so just ignored it (assuming there is no webense server in the real
>> lab). The decision paid off in the end :). Seemed like a bug to me. As you
>> see it lists your server as 'secondary' and not 'primary', it did the same
>> for me. I was running 12.2(X)T AFAIR.
>>
>> Regards
>>
>> Farrukh
>>
>> On Mon, Oct 27, 2008 at 1:30 PM, Ajay mehra <ajaymehra01@gmail.com>
>> wrote:
>>
>> > Hi GS,
>> >
>> > "show ip urlfilter config" always shows that Websense URL Filtering is
>> > DISABLED.
>> >
>> > 1: is there any command that I am missing which will enable
>> urlfiltering?
>> > 2: Whatever servers I configure all are shown under secondary servers,
>> why?
>> >
>> >
>> > here are the configs and show command output
>> >
>> > ip inspect name FILTER http urlfilter alert on audit-trail on
>> > ip urlfilter allow-mode on
>> > ip urlfilter cache 200000
>> > ip urlfilter exclusive-domain permit cisco.com
>> > ip urlfilter audit-trail
>> > ip urlfilter server vendor websense 11.0.0.100
>> > ip urlfilter server vendor websense 150.1.1.1
>> >
>> >
>> > Rack1R6(config)#do sh ip url con
>> > Websense URL Filtering is DISABLED <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
>> > Primary Websense server configurations
>> > =========================================
>> > Secondary Websense servers configurations
>> > ============================================
>> > Websense server IP address Or Host Name: 11.0.0.100
>> > Websense server port: 15868
>> > Websense retransmission time out: 6 (in seconds)
>> > Websense number of retransmission: 2
>> > Websense server IP address Or Host Name: 150.1.1.1
>> > Websense server port: 15868
>> > Websense retransmission time out: 6 (in seconds)
>> > Websense number of retransmission: 2
>> > Other configurations
>> > =====================
>> > Allow Mode: ON
>> > System Alert: ENABLED
>> > Audit Trail: ENABLED
>> > Log message on Websense server: DISABLED
>> > Maximum number of cache entries: 200000
>> > Maximum number of packet buffers: 200
>> > Maximum outstanding requests: 1000
>> >
>> > Thanks for your help,
>> >
>> > Ajay
>> >
>> >
>> > Blogs and organic groups at http://www.ccie.net
>> >
>> > _______________________________________________________________________
>> > Subscription information may be found at:
>> > http://www.groupstudy.com/list/CCIELab.html
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net

This archive was generated by hypermail 2.1.4 : Sat Nov 01 2008 - 15:35:23 ARST