Cisco ASA 5510: Blocking access by domain name

By -
Was requested to block domains to a certain group of users. This is the code I use on my Cisco 5510 IOS 7.2(2)  to block facebook.com

! define the domains that you want to block

regex domain1 "\.facebook\.com"
regex domain2 "facebook\.com"


! identify the users' IP addresses. ie, the users you want to block
! if you want to block all, replace 'host 192.168.0.x' with 'any'

access-list inside_mpc extended permit tcp host 192.168.0.100 any eq www 
access-list inside_mpc extended permit tcp host 192.168.0.101 any eq www 


  

class-map type regex match-any DomainBlockList
 match regex domain1
 match regex domain2

class-map type inspect http match-all BlockDomainsClass
 match request header host regex class DomainBlockList
class-map inspection_default
 match default-inspection-traffic
class-map httptraffic
 match access-list inside_mpc

policy-map type inspect http http_inspection_policy
 parameters
  protocol-violation action drop-connection
  match request method connect
  drop-connection log
 class BlockDomainsClass
 reset log

policy-map inside-policy
class httptraffic
inspect http http_inspection_policy

service-policy inside-policy interface inside
 

Comments

Post a Comment

Popular posts from this blog

Windows RRAS VPN configuration when server is behind NAT

By -
The following configuration changes have to be done when the Windows VPN server (Remote Access and Routing Service) is behind NAT (ie, server has a private IP). To make PPTP work: Allow tcp/1723 traffic to flow through the firewall to the RRAS server Add inspect pptp on the firewall To make L2TP/IPSec work on Windows clients: On the client device, open Registry Editor Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PolicyAgent Add a DWORD (32-bit) key named AssumeUDPEncapsulationContextOnSendRule   Set the value to 2, and base to Hexadecimal Restart the client PC (this is important). Done!
Read more

Lenovo X1 Carbon Battery Problem - Plugged, Not Charging

By -
Solution taken from  https://stebalien.com/blog/fix-for-lenovo-x1-carbon-not-charging/ Happened on one of our laptops. The battery was draining and if you plug in the charger, it just says "Plugged In, Not Charging" To fix: Unplug the charger Restart the laptop Press Enter to interrupt normal startup Press F1 to enter the BIOS Seup Go to Config, Power Go to the bottom of the list where it says "Disable built-in battery". Press Enter. The laptop will shut down.  Plug in the charger and restart the laptop.
Read more

Multiple Remote Desktop sessions on Windows XP

By -
Continuing on from my last post about setting up RemoteApp on Windows XP. I needed to make the old application available to multiple users, so I have decided to modify the Terminal Service in my WinXP box to allow multiple remote session. I found the instructions here . It's pretty simple. You just need to replace termsrv.dll file and apply some registry changes. But you do have to consider that Windows XP employs a Windows File Protection system that detects when system files are changed and replaces it back with the original microsoft version of it. Here's what I did: Grab the file termsrv_sp3_patch.rar from the link above. Back the file C:\windows\system32\termsrv.dll into another location.  Open service.msc and change the Start-up property of the Terminal Service to Disabled Restart the computer. After restart, delete the file termsrv.dll from the following locations C:\windows\sytem32\ C:\windows\system32\dllcache C:\windows\ServicePacks\x86 Copy the termsrv.dll file from...
Read more