Cisco ASA 5505 User Manual
Page 805
 
39-9
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter 39 Configuring Filtering Services
Filtering URLs and FTP Requests with an External Server
For Websense:
hostname(config)# url-server (if_name) host local_ip
[timeout seconds] [protocol TCP | UDP
version [1|4]
[connections num_conns]]
Example:
hostname(config)# url-server (perimeter) host
10.0.1.1 protocol TCP version 4
Identifies the address of the filtering server. if_name 
is the name of the ASA interface connected to the 
filtering server (the default is inside). For the vendor 
{secure-computing | n2h2} option, use 
secure-computing as the vendor string; however, 
n2h2 is acceptable for backward compatibility. When 
the configuration entries are generated, 
secure-computing is saved as the vendor string. The 
host local_ip option is the IP address of the URL 
filtering server. The port number option is the Secure 
Computing SmartFilter server port number of the 
filtering server; the ASA also listens for UDP replies 
on this port.
Note
The default port is 4005, which is used by the 
Secure Computing SmartFilter server to 
communicate to the ASA via TCP or UDP. 
For information about changing the default 
port, see the Filtering by N2H2 
Administrator's Guide.
The timeout seconds option is the number of seconds 
that the ASA should keep trying to connect to the 
filtering server. The connections number option is 
the number of tries to make a connection between the 
host and server.
The example identifies a Websense filtering server 
with the IP address 10.0.1.1 on a perimeter interface 
of the ASA.Version 4, which is enabled in this 
example, is recommended by Websense because it 
supports caching. 
For Secure Computing SmartFilter (formerly N2H2):
hostname(config)# url-server (if_name) vendor
{secure-computing | n2h2} host
local_ip [port number] [timeout seconds] [protocol
{TCP [connections number]} | UDP]
Example:
hostname(config)# url-server (perimeter) vendor n2h2
host 10.0.1.1
hostname(config)# url-server (perimeter) vendor n2h2
host 10.0.1.2
The example identifies redundant Secure Computing 
SmartFilter servers that are both on a perimeter 
interface of the ASA.
Command
Purpose