Firewall Wizards mailing list archives
Re: Cisco ASA 5510 and proxy server detection
From: nick leachman <nleachman () gmail com>
Date: Wed, 8 Feb 2006 14:03:41 -0500
On 2/7/06, Aaron Smith <smitha () byui edu> wrote:
On Tue, 2006-02-07 at 06:05 -0800, John Madden wrote:Hi, Is there a way to NOT permit users from the inside to connect to a proxy server on the outside and bypassing the Web filtering software ? Thank youFight fire with fire. Force all users to use an internal proxy and only allow that proxy out. Deny the rest. ________________________________________________________________________ @@ron Smith <smitha () byui edu> Network Operations Brigham Young University Idaho _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Aaron, I'm not fluent on the 5510 per se; but if you are authenticating to an external AAA server such as a RADIUS server you might be able to set up downloadable ACLs and tie them to the users who are to be denied Internet access. The ACLs would permit traffic only to and from your internal network; so if they tried to head into the wild they'd get denied - period. Regards, nick -- "The Lord bless you and keep you; The Lord make His face to shine upon you, And be gracious to you; The Lord lift up His countenance upon you, And give you peace." - Num. 6:24-26 _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Cisco ASA 5510 and proxy server detection John Madden (Feb 07)
- Re: Cisco ASA 5510 and proxy server detection Aaron Smith (Feb 07)
- Re: Cisco ASA 5510 and proxy server detection nick leachman (Feb 08)
- Re: Cisco ASA 5510 and proxy server detection Aaron Smith (Feb 09)
- Re: Cisco ASA 5510 and proxy server detection nick leachman (Feb 08)
- Cisco FWSM failover secondary power failure - message 405001 BT (Feb 19)
- Re: Cisco FWSM failover secondary power failure - message 405001 greg padden (Feb 20)
- Re: Cisco ASA 5510 and proxy server detection Aaron Smith (Feb 07)