Can Cisco ASA firewalls restrict Internet access to branch offices?

1545 pts.
Tags:
Branch Office networks
Branch offices
Cisco ASA
Cisco ASA 5505
Cisco ASA Hardware Firewall
Firewall appliances
Firewalls
Internet connection
Network security
Network security appliances
Networking
Proxy
Servers
I have a PPP network between our three office locations. In the master location I have a DSL line connected to my Layer 2 (L2) switch via a Cisco ASA 5505 Firewall. My server (ADC/DHCP/Proxy) is connected to the L2 switch. My branch office locations obtain IP through this server. I am using a Squid Windows version for my proxy, and I'm not able to restrict the Internet connection to branch offices using Squid. How can I restrict branch office users from using the Internet connection?

Answer Wiki

Thanks. We'll let you know when a new response is added.

Does your gateway / Firewall allow internet traffic from any IP or only through the PROXY Server ? If its open for all the IP’s than users can bypass the proxy server and freely browse the internet. The best way to restrict the users is by restricting them to change any TCP / IP & Browser settings. Since you are using an AD this can easily be achieved through a Group Policy.

======================

I addition to the above you can control which IP’s and protocols have connectivity to the internet via the ASA. Maybe set it up so that only you proxy has access to browse the Internet.

<a href=”http://www.ketchumits.com”>www.ketchumits.com</a>

Discuss This Question: 1  Reply

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • NetworkingATE
    [...] Can Cisco ASA firewalls restrict Internet access to branch offices? [...]
    0 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following