Hot Downloads

×

Notice

The forum is in read only mode.
Welcome, Guest
Username: Password: Remember me
  • Page:
  • 1

TOPIC: can restrict users from accessing internet through ASA

can restrict users from accessing internet through ASA 8 years 7 months ago #33104

  • lily
  • lily's Avatar Topic Author
  • Offline
  • New Member
  • New Member
  • Posts: 1
  • Thank you received: 0
Hi

We have our proxy server and the ASA firewall to restrict users form accessing the internet. But users are accessing the internet even when no proxy configured on their brouser.

U have these configs into the ASA:

object-group network proxies
network-object host 10.102.148.7
network-object host 10.102.148.8
network-object host 10.102.148.9

access-list insideoutbound extended permit ip object-group proxies any

I don't know what is missing for me to restrict internet access.
Could you please advise?

am always so happy... 8 years 7 months ago #33106

Hello Lily i am always so happy when i see ladies on this site. Stick around an answer to ur question is on the way. But have u re - checked everything (ur config) @ Server end. I don't see how clients are able to browse without using proxy on a proxy network setup with ASA firewall. Ok Lily if u really have people testing rogue softwares that by pass proxy u need to disable some port numbers i think...

Lets chill i hear from another G33k. Re - Check ur config while we wait.


C0DE - 3

Re: can restrict users from accessing internet through ASA 8 years 7 months ago #33175

make the access list more restrictive by allowing only HTTP, HTTPs traffic from proxies to outside.

access-list insideoutbound extended permit tcp object-group proxies any eq 80

access-list insideoutbound extended permit tcp object-group proxies any eq 443

access-list insideoutbound extended deny ip any any log
  • Page:
  • 1
Time to create page: 0.135 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup