From: Ahmed Ejaz (aahmedejaz@gmail.com)
Date: Tue Oct 28 2008 - 09:37:04 ARST
Hi,
These are the recommended steps to enable filtering from Cisco:
1. enable
2. configure terminal
3. ip inspect name inspection-name http [java-list access-list] [urlfilter] [alert {on | off}] [audit-trail {on | off}] [timeout seconds]
4. ip inspect inspection-name {in | out}
5. interface type slot/port
6. ip urlfilter server vendor {websense | n2h2} ip-address [port port-number] [timeout seconds] [retransmit number]
7. ip urlfilter alert
8. ip urlfilter audit-trail
9. ip urlfilter urlf-server-log
10. ip urlfilter exclusive-domain {permit | deny} domain-name
11. ip urlfilter cache number
12. ip urlfilter allowmode [on | off]
13. ip urlfilter max-resp-pak number
14. ip urlfilter max-request number
Hope it works for you.
On Tue, Oct 28, 2008 at 12:33 PM, Farrukh Haroon <farrukhharoon@gmail.com> wrote:
> Those are PIX/ASA commands AFAIR.
>
> Regards
>
> Farrukh
>
> On Tue, Oct 28, 2008 at 11:26 AM, Ajay mehra <ajaymehra01@gmail.com> wrote:
>
>> Hi Ahmed,
>>
>> I do not have "filter" or "ip filter" command in my IOS,
>> I am using
>> IOS (tm) 3700 Software (C3725-JK9O3S-M), Version 12.3(26), RELEASE
>> SOFTWARE (fc2)
>> Thanks,
>> Ajay
>>
>> 2008/10/27 Ahmed Ejaz <aahmedejaz@gmail.com>
>>
>>> Hi,
>>>
>>> Add the following command to enable filtering:
>>>
>>> filter url http 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0
>>> OR
>>> ip filter url http 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0
>>>
>>> If you want to exclude any server or machine to go through the filter
>>> then add the ip of that server through this:
>>>
>>> filter url except 0.0.0.0 0.0.0.0 10.1.1.1 255.255.255.255 ----> (
>>> 10.1.1.1 server ip)
>>> OR
>>> ip filter url except 0.0.0.0 0.0.0.0 10.1.1.1 255.255.255.255 ---->
>>> (10.1.1.1 server ip)
>>>
>>> Let me know if this helps
>>>
>>> Regards,
>>>
>>> Ahmed
>>>
>>>
>>>
>>> On Mon, Oct 27, 2008 at 4:45 PM, Farrukh Haroon <farrukhharoon@gmail.com> wrote:
>>>
>>>> I faced the same issue when studying for my security lab. Could not solve it
>>>> easily so just ignored it (assuming there is no Websense server in the real
>>>> lab). The decision paid off in the end :). Seemed like a bug to me. As you
>>>> see it lists your server as 'secondary' and not 'primary', it did the same
>>>> for me. I was running 12.2(X)T AFAIR.
>>>>
>>>> Regards
>>>>
>>>> Farrukh
>>>>
>>>> On Mon, Oct 27, 2008 at 1:30 PM, Ajay mehra <ajaymehra01@gmail.com>
>>>> wrote:
>>>>
>>>> > Hi GS,
>>>> >
>>>> > "show ip urlfilter config" always shows that Websense URL Filtering is
>>>> > DISABLED.
>>>> >
>>>> > 1: is there any command that I am missing which will enable urlfiltering?
>>>> > 2: Whatever servers I configure all are shown under secondary servers, why?
>>>> >
>>>> > here are the configs and show command output
>>>> >
>>>> > ip inspect name FILTER http urlfilter alert on audit-trail on
>>>> > ip urlfilter allow-mode on
>>>> > ip urlfilter cache 200000
>>>> > ip urlfilter exclusive-domain permit cisco.com
>>>> > ip urlfilter audit-trail
>>>> > ip urlfilter server vendor websense 11.0.0.100
>>>> > ip urlfilter server vendor websense 150.1.1.1
>>>> >
>>>> >
>>>> > Rack1R6(config)#do sh ip url con
>>>> > Websense URL Filtering is DISABLED <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
>>>> > Primary Websense server configurations
>>>> > =========================================
>>>> > Secondary Websense servers configurations
>>>> > ============================================
>>>> > Websense server IP address Or Host Name: 11.0.0.100
>>>> > Websense server port: 15868
>>>> > Websense retransmission time out: 6 (in seconds)
>>>> > Websense number of retransmission: 2
>>>> > Websense server IP address Or Host Name: 150.1.1.1
>>>> > Websense server port: 15868
>>>> > Websense retransmission time out: 6 (in seconds)
>>>> > Websense number of retransmission: 2
>>>> > Other configurations
>>>> > =====================
>>>> > Allow Mode: ON
>>>> > System Alert: ENABLED
>>>> > Audit Trail: ENABLED
>>>> > Log message on Websense server: DISABLED
>>>> > Maximum number of cache entries: 200000
>>>> > Maximum number of packet buffers: 200
>>>> > Maximum outstanding requests: 1000
>>>> >
>>>> > Thanks for your help,
>>>> >
>>>> > Ajay
>>>> >
>>>> >
>>>> > Blogs and organic groups at http://www.ccie.net
>>>> >
>>>> >
>>>> _______________________________________________________________________
>>>> > Subscription information may be found at:
>>>> > http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Sat Nov 01 2008 - 15:35:23 ARST
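
A check of the steps listed at the top of this thread against a saved configuration, as an added example that is not part of any poster's message. The function name and finding texts are assumptions; the sample is the configuration quoted in the thread, which shows no interface section.

```python
import re

# Constructed sample: the configuration lines quoted earlier in this thread.
# No interface section was posted, so none appears here.
THREAD_CONFIG = """\
ip inspect name FILTER http urlfilter alert on audit-trail on
ip urlfilter allow-mode on
ip urlfilter cache 200000
ip urlfilter exclusive-domain permit cisco.com
ip urlfilter audit-trail
ip urlfilter server vendor websense 11.0.0.100
ip urlfilter server vendor websense 150.1.1.1
"""

def audit_urlfilter(config: str) -> list[str]:
    """Return findings for the URL-filtering steps listed in the thread."""
    rules, applied, servers = set(), set(), []
    allow_mode = False
    for raw in config.splitlines():
        line = raw.strip()
        m = re.match(r"ip inspect name (\S+) http\b(.*)", line)
        if m and re.search(r"\burlfilter\b", m.group(2)):
            rules.add(m.group(1))          # step 3: rule carries urlfilter
            continue
        m = re.match(r"ip inspect (\S+) (in|out)$", line)
        if m:
            applied.add(m.group(1))        # steps 4-5: rule bound to an interface
            continue
        m = re.match(r"ip urlfilter server vendor (websense|n2h2) (\S+)", line)
        if m:
            servers.append(m.group(2))     # step 6: filter server defined
            continue
        # The thread shows both spellings, "allowmode" and "allow-mode".
        if re.match(r"ip urlfilter allow-?mode on$", line):
            allow_mode = True
    findings = []
    if not rules:
        findings.append("no inspection rule with 'http ... urlfilter'")
    for name in sorted(rules - applied):
        findings.append(f"inspection rule {name} is not applied to any interface")
    if not servers:
        findings.append("no 'ip urlfilter server vendor' entry")
    if allow_mode:
        findings.append("allow mode is on: requests pass if no filter server answers")
    return findings

if __name__ == "__main__":
    for finding in audit_urlfilter(THREAD_CONFIG):
        print("-", finding)
```
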