Guidelines and limitations for activex filtering, Configuring activex filtering, Configuration examples for activex filtering – Cisco ASA 5505 User Manual

Page 799: Configuring activex

Advertising
background image

39-3

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 39 Configuring Filtering Services

Licensing Requirements for ActiveX Filtering

Guidelines and Limitations for ActiveX Filtering

This section includes the guidelines and limitations for this feature.

Context Mode Guidelines

Supported in single and multiple context mode.

Firewall Mode Guidelines

Supported in routed and transparent firewall mode.

IPv6 Guidelines

Does not support IPv6.

Configuring ActiveX Filtering

To remove ActiveX objects in HTTP traffic that is passing through the ASA, enter the following
command:

Configuration Examples for ActiveX Filtering

You can set either address to 0.0.0.0 (or in shortened form, 0) to specify all hosts. You can use 0.0.0.0
for either mask (or in shortened form, 0) to specify all masks. This command specifies that the ActiveX
object blocking applies to HTTP traffic on port 80 from any local host and for connections to any foreign
host.

The following example shows how to configure ActiveX filtering to block all outbound connections:

hostname(config)# filter activex 80 0 0 0 0

The following example shows how to remove ActiveX filtering:

hostname(config)# no filter activex 80 0 0 0 0

Command

Purpose

filter activex

port[-port] local_ip

local_mask foreign_ip foreign_mask

Example:

hostname# filter activex 80 0 0 0 0

Removes ActiveX objects. To use this command, replace port[-port] with
the TCP port to which filtering is applied. Typically, this is port 80, but
other values are accepted. The http or url literal can be used for port 80.
You can specify a range of ports by using a hyphen between the starting
port number and the ending port number. The local IP address and mask
identify one or more internal hosts that are the source of the traffic to be
filtered. The foreign address and mask specify the external destination of
the traffic to be filtered.

Advertising
This manual is related to the following products:

ASA 5585-X, ASA 5555-X, ASA 5545-X, ASA 5525-X, ASA 5515-X, ASA 5512-X, ASA 5580, ASA 5550, ASA 5540, ASA 5520, ASA 5510, ASA 5500 Series

Popular Brands
Popular manuals