CCSP SNRS Lab4 – Port to Application Mapping & URL Filtering

Ensurepass

Lab Topology

Lab Process

Continue Lab3 to configure

1. URLFiltering:

GW(config)#ip inspect name CBAC http java-list 2 urlfilter

GW(config)#ip urlfilter audit-trail

GW(config)#ip urlfilter server vendor websense 192.168.1.241

2. There are two types of vendors: websense and N2H2

GW(config)#ip urlfilter exclusive-domain permit www.pass4sure.com

GW(config)#ip urlfilter exclusive-domain deny www.cisco.com

3. Entering these sites will be permitted or denied without requiring filter server.

GW(config)# ip urlfilter allow-mode on

4. When the router can’t be connected to the filer server, all http requests will be permitted, the default is off with prohibiting.

GW(config)#ip urlfilter cache 4000 [k1]

GW(config)#ip urlfilter max-resp-pak 150 [k2]

GW(config)#ip urlfilter max-request 500 [k3]

GW(config)#show ip urlfilter cache

GW(config)#show ip urlfilter config

GW(config)#show ip urlfilter statistics

5. PAM:

GW(config)#ip port-map http port 8080

GW(config)#ip port-map ftp port 2121 list 5

GW(config)#access-list 5 permit 192.1.1.0 0.0.0.255

GW(config)#access-list 10 permit 192.2.2.1 255.255.255.255

GW(config)#access-list 11 permit 192.2.2.2 255.255.255.255

GW(config)#ip port-map ftp port 80 list 10

GW(config)#ip port-map https port 80 list 11


[k1]The default is 5000.

[k2]The default is 150.

[k3]The default is 1000.





[Report Dead Link] Please leave a comment or send email to report dead links, so that we will update new links within 24 hours.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.