I think I did URL filtering without putting inspect http in that MPF.

Date: Thu, 10 Nov 2011 17:39:36 +0530
From: [email protected]
To: [email protected]
CC: [email protected]
Subject: Re: [OSL | CCIE_Security] Is http inspection required for filter

But I have never come across any samples or Cisco docs claiming that it is 
required.


With regards
Kings

On Thu, Nov 10, 2011 at 5:30 PM, Fawad Khan <[email protected]> wrote:

I take my words back... HTTP is not enabled by default in MPF... FTP, ESMTP 
and DNS are... I guess morning coffee didn't work so far.
But I am certain that we need to enable HTTP in MPF for URL filtering to 
work properly.

  FNK

On Thu, Nov 10, 2011 at 6:16 AM, FNK <[email protected]> wrote:



Yes. HTTP needs to be enabled. Same goes for DNS doctoring, where we put the 
'dns' keyword at the end of the traffic. We need to enable DNS MPF as well.
HTTP, ESMTP and DNS are enabled by default.



FNK
Sent from an iPhone

On Nov 10, 2011, at 1:11 AM, Kingsley Charles <[email protected]> 
wrote:




Hi all

As per the following snippet, http inspection is required for filtering. 

Snippet from 
http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/inspect.html#wp1335632

Use the HTTP inspection engine to protect against specific 
attacks and other threats that may be associated with HTTP traffic. HTTP 
inspection performs several functions: 
• Enhanced HTTP inspection 
• URL screening through N2H2 or Websense 
• Java and ActiveX filtering 
The latter two features are configured in conjunction with 
the filter command. 

I configured a dummy non-existent url-server and configured the following rule. 
Hence any HTTP request will be dropped as there is no "allow" configured along 
with the following rule. My HTTP request gets denied across the ASA but I 
didn't enable HTTP inspection. 

filter url http 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0


By default, HTTP inspection is not configured under policy-map global_policy.




If there is a task asked to configure for filtering, should we enable http 
inspection or not?



With regards
Kings

_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit 
www.ipexpert.com




Are you a CCNP or CCIE and looking for a job? Check out 
www.PlatinumPlacement.com





