And I don't know if the "parameter-map type urlfilter NAME" is the right command.
I tried it against two images, advsecurity and adventerprise and none of them allows "urlfilter" after the type of parameter map. Acceptable options are urlfpolicy and urlf-glob which are essentially good and quite usable for local URL filtering applications. I configured a bunch of the clients routers with ZBF using parameter maps to do local URL filtering for a number of social networking sites Eugene From: [email protected] [mailto:[email protected]] On Behalf Of Mark Senteza Sent: Tuesday, November 09, 2010 7:59 PM To: [email protected] Subject: [OSL | CCIE_Security] parameter-map type urlfilter Hey all, I'd like some clarification on the "exclusive-domain" command under the parameter-map type urlfilter command. My understanding is that the exclusive-domain list is a list of domains that are excluded from lookup requests being sent to the URL filter server for. I hope thus far I am correct. My confusion is with the "deny" or "permit" statement. Does the deny statement mean dont bother sending a request to the URL filter server and just deny all traffic sent to the specified domain ? And does the "permit" mean dont bother sending a request to the URL filter server and proceed to permit all traffic sent to the specified domain? Unfortunately, I dont have a Websense server to test this, so I was hoping somebody could enlighten me on this. If the configuration below was used, for example, what would it do: parameter-map type urlfilter URLFILTER-PARAMAP server-vendor websense 192.168.90.90 exclusive-domain deny example.com Thanks again Mark
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
