CCSP SNRS Lab4 – Port to Application Mapping & URL Filtering – Free Cisco Training & Resources

【Lab Topology】

【Lab Process】

Continue Lab3 to configure

1. URLFiltering：

GW(config)#ip inspect name CBAC http java-list 2 urlfilter

GW(config)#ip urlfilter audit-trail

GW(config)#ip urlfilter server vendor websense 192.168.1.241

2. There are two types of vendors: websense and N2H2

GW(config)#ip urlfilter exclusive-domain permit www.pass4sure.com

GW(config)#ip urlfilter exclusive-domain deny www.cisco.com

3. Entering these sites will be permitted or denied without requiring filter server.

GW(config)# ip urlfilter allow-mode on

4. When the router can’t be connected to the filer server, all http requests will be permitted, the default is off with prohibiting.

GW(config)#show ip urlfilter cache

GW(config)#show ip urlfilter config

GW(config)#show ip urlfilter statistics

5. PAM:

GW(config)#ip port-map http port 8080

GW(config)#ip port-map ftp port 2121 list 5

GW(config)#access-list 5 permit 192.1.1.0 0.0.0.255

GW(config)#access-list 10 permit 192.2.2.1 255.255.255.255

GW(config)#access-list 11 permit 192.2.2.2 255.255.255.255

GW(config)#ip port-map ftp port 80 list 10

GW(config)#ip port-map https port 80 list 11

[k1]The default is 5000.

[k2]The default is 150.

[k3]The default is 1000.