Adil, Since FB is using HTTPS there is no way to block it with url matching. The URL is encrypted. All you can do is to block based on IP which can be difficult and not reliable.
It could be possible using FPM on the routers by matching CN in the certificate. Other option in real life is to have ASA-CX :) Regards, Piotr On Oct 11, 2012, at 9:59 PM, Adil Pasha wrote: > Hi guys, > Does anyone know how to block https://www.facebook.com/login.php page using > MPF? > > The only way I am able to block Facebook login page is using the following: > > policy-map type inspect http BlockDomainClass_user2 > parameters > protocol-violation action reset log > class BlockDomainClass_user2 > > But if you use protocol-violation command it blocks all https traffic to any > website. Any explanation? > > All the explanation on these websites did not work. Seems like Facebook has > hired some really advance level developers :) > > > http://www.handbook.dk/block-domains-on-a-cisco-asa-152.htm > https://supportforums.cisco.com/docs/DOC-1268 > And new 8.4 version has a very basic solution: > https://supportforums.cisco.com/docs/DOC-1268 > > > The normal configuration on the following links cannot block the above link. > Also, if the above link can be launched using Google.com search and then > click on Login. > > I am not finding any solution. > > This better not be the exam question till Cisco completely provides the > solution. I have tested it using ver 8.2, 8.3 and 8.4. > > Thanks for any help in advance. > > Best Regards. > ______________________ > Adil > > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
