Hi,
I have a ASA with the configuration below to block 3 domains. This blocking works fine, and for some time I thought everything was great.
But then I realized that some websites was down or unstable ex: windows update. If I disable the configuration with: no service-policy inside-policy interface inside
Everything comes back to life... am I doing something wrong?
//Cosmic
regex domainlist1 "\\.dating\\.dk" regex domainlist2 "\\.facebook\\.dk" regex domainlist3 "\\.facebook\\.com"
access-list inside_mpc extended permit tcp any any eq www access-list inside_mpc extended permit tcp any any eq 8080
class-map type regex match-any DomainBlockList match regex domainlist1 match regex domainlist2 match regex domainlist3
class-map type inspect http match-all BlockDomainsClass match request header host regex class DomainBlockList class-map inspection_default match default-inspection-traffic class-map httptraffic match access-list inside_mpc ! policy-map type inspect http http_inspection_policy parameters protocol-violation action drop-connection match request method connect drop-connection log class BlockDomainsClass reset log
policy-map inside-policy class httptraffic inspect http http_inspection_policy! service-policy inside-policy interface inside