CCSP SNRS Lab4 - Port to Application Mapping & URL Filtering : Free Cisco Training & Resources - Certification Exam Preparation : https://www.ciscobibles.com

This page was exported from Free Cisco Training & Resources - Certification Exam Preparation [ https://www.ciscobibles.com ]
Export date: Sun May 11 13:30:30 2025 / +0000 GMT

CCSP SNRS Lab4 - Port to Application Mapping & URL Filtering

【Lab Topology】

【Lab Process】

Continue Lab3 to configure

1. URLFiltering：

GW(config)#ip inspect name CBAC http java-list 2 urlfilter

GW(config)#ip urlfilter audit-trail

GW(config)#ip urlfilter server vendor websense 192.168.1.241

2. There are two types of vendors: websense and N2H2

GW(config)#ip urlfilter exclusive-domain permit www.pass4sure.com

GW(config)#ip urlfilter exclusive-domain deny www.cisco.com

3. Entering these sites will be permitted or denied without requiring filter server.

GW(config)# ip urlfilter allow-mode on

4. When the router can't be connected to the filer server, all http requests will be permitted, the default is off with prohibiting.

GW(config)#ip urlfilter cache 4000 [k1]

GW(config)#ip urlfilter max-resp-pak 150 [k2]

GW(config)#ip urlfilter max-request 500 [k3]

GW(config)#show ip urlfilter cache

GW(config)#show ip urlfilter config

GW(config)#show ip urlfilter statistics

5. PAM:

GW(config)#ip port-map http port 8080

GW(config)#ip port-map ftp port 2121 list 5

GW(config)#access-list 5 permit 192.1.1.0 0.0.0.255

GW(config)#access-list 10 permit 192.2.2.1 255.255.255.255

GW(config)#access-list 11 permit 192.2.2.2 255.255.255.255

GW(config)#ip port-map ftp port 80 list 10

GW(config)#ip port-map https port 80 list 11

[k1]The default is 5000.

[k2]The default is 150.

[k3]The default is 1000.

Post date: 2010-08-17 08:24:33
Post date GMT: 2010-08-17 00:24:33
Post modified date: 2010-08-17 08:24:33
Post modified date GMT: 2010-08-17 00:24:33