EasyManuals Logo
Home>Cisco>Network Hardware>ASA Series

Cisco ASA Series User Manual

Cisco ASA Series
2164 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #1397 background imageLoading...
Page #1397 background image
1-17
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring the ASA for Cisco Cloud Web Security
Configuration Examples for Cisco Cloud Web Security
Configuration Examples for Cisco Cloud Web Security
• Single Mode Example, page 1-17
• Multiple Mode Example, page 1-18
• Whitelist Example, page 1-18
• Directory Integration Examples, page 1-19
• Cloud Web Security with Identity Firewall Example, page 1-21
Single Mode Example
The following example shows a complete configuration for Cisco Cloud Web Security:
Configure Access Lists
We recommend that you split the traffic by creating separate HTTP and HTTPS class maps so that you
know how many HTTP and HTTPS packets have gone through.
Then, if you need to troubleshoot you can run debug commands to distinguish how many packets have
traversed each class map and find out if you are pushing through more HTTP or HTTPS traffic:
hostname(config)# access-list web extended permit tcp any any eq www
hostname(config)# access-list https extended permit tcp any any eq https
Configure Class Maps
hostname(config)# class-map cmap-http
hostname(config-cmap)# match access-list web
hostname(config)# class-map cmap-https
hostname(config-cmap)# match access-list https
Configure Inspection Policy Maps
hostname(config)# policy-map type inspect scansafe http-pmap
hostname(config-pmap)# parameters
hostname(config-pmap-p)# default group httptraffic
hostname(config-pmap-p)# http
hostname(config)# policy-map type inspect scansafe https-pmap
hostname(config-pmap)# parameters
hostname(config-pmap-p)# default group httpstraffic
hostname(config-pmap-p)# https
Configure Policy Maps
hostname(config)# policy-map pmap-webtraffic
hostname(config-pmap)# class cmap-http
hostname(config-pmap-c)# inspect scansafe http-pmap fail-close
hostname(config-pmap)# class cmap-https
hostname(config-pmap-c)# inspect scansafe https-pmap fail-close
Configure Service Policy
hostname(config)# service-policy pmap-webtraffic interface inside
Configure Cloud Web Security on the ASA
hostname(config)# scansafe general-options

Table of Contents

Other manuals for Cisco ASA Series

Preview: Configuration Guide
Configuration Guide428 pages
Preview: Mount And Connect
Mount And Connect12 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco ASA Series and is the answer not in the manual?

Cisco ASA Series Specifications

General IconGeneral
BrandCisco
ModelASA Series
CategoryNetwork Hardware
LanguageEnglish

Related product manuals