Cisco 7604 Configuration Manual page 365
Catalyst 6500 series switch and cisco 7600 series router firewall services module configuration guide using the cli
Hide thumbs
Also See for 7604:
- Configuration manual (1011 pages) ,
- Installation manual (324 pages) ,
- User manual (98 pages)
Table of Contents
Advertisement
Chapter 18
Applying Filtering Services
Identify the address of the filtering server using the url-server command:
For Websense:
hostname(config)# url-server (if_name) vendor websense host local_ip [timeout seconds]
[protocol {TCP | UDP | connections num_conns] | version 4][context-name]
Note
The context-name option is only available with websense version 4.0 and not with verion 1.0, and this
feature can be configured only in multiple context mode.
For Secure Computing SmartFilter (formerly N2H2):
hostname(config)# url-server (if_name) vendor {smartfilter | n2h2} host
<local_ip> [port <number>] [timeout <seconds>] [protocol {TCP [connections <number>]} |
UDP]
where <if_name> is the name of the security appliance interface connected to the filtering server.
For the vendor {smartfilter | n2h2}, you can use 'ssmartfilter as a vendor string, however, 'n2h2' is
acceptable for backward compatibility. When the configuration entries are generated, 'smartfilter' is
saved as the vendor string.
The host <local_ip> is the IP address of the URL filtering server.
The port <number> is the Secure Computing SmartFilter server port number of the filtering server; the
FWSM also listens for UDP replies on this port.
The default port is 4005. This is the default port used by the Secure Computing SmartFilter server to
Note
communicate to the FWSM via TCP or UDP. For information on changing the default port, see the
Filtering by N2H2 Administrator's Guide.
The timeout <seconds> is the number of seconds the security appliance should keep trying to connect
to the filtering server.
The connections <number> is the number of tries to attempt to make a connection between the host and
server.
Context-name sends each websense query for policy lookups on the websense server.
For example, to identify a single Websense filtering server, enter the following command:
hostname(config)# url-server (perimeter) host 10.0.1.1 protocol TCP version 4
This identifies a Websense filtering server with the IP address 10.0.1.1 on a perimeter interface of the
FWSM.Version 4, which is enabled in this example, is recommended by Websense because it supports
caching.
To identify redundant Secure Computing SmartFilter servers, enter the following commands:
hostname(config)# url-server (perimeter) vendor n2h2 host 10.0.1.1
hostname(config)# url-server (perimeter) vendor n2h2 host 10.0.1.2
This identifies two Sentian filtering servers, both on a perimeter interface of the FWSM.
Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide using ASDM
OL-20748-01
Filtering URLs and FTP Requests with an External Server
18-5
- Quick Links:
- C H a P T E...
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
