Blocking URL but allow from certain ips on Cisco ASA

(config)# dns domain-lookup outside
(config)# dns server-group DefaultDNS
(config)# name-server 8.8.8.8
(config)# name-server 8.8.4.4
(config)# domain-name poc.local
(config)# object network jobstreet.com
(config-network-object)# fqdn jobstreet.com
(config-network-object)# fqdn www.jobstreet.com
(config)# access-list acl-inside line 1 extended permit ip 192.168.88.101 255.255.255.255 object jobstreet.com
(config)# access-list acl-inside line 2 extended deny ip any object jobstreet.com
(config)# access-group acl-inside in interface inside
WEAKNESS:
-can be bypassed using ZenMate Chrome extention
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s