Cisco PIX 500 Series Configuration Manual page 381

Chapter 20 Applying Filtering Services
You must add the filtering server before you can configure filtering for HTTP or HTTPS with the filter
Note
command. If you remove the filtering servers from the configuration, then all filter commands are also
removed.
Identify the address of the filtering server using the url-server command:
For Websense:
hostname(config)# url-server ( if_name ) host local_ip [timeout seconds ] [protocol TCP | UDP
version [1|4] [connections num_conns ] ]
For Secure Computing SmartFilter (formerly N2H2):
hostname(config)# url-server ( if_name ) vendor {secure-computing | n2h2} host
< local_ip > [port < number >] [timeout < seconds >] [protocol {TCP [connections < number >]} |
UDP]
where <if_name> is the name of the security appliance interface connected to the filtering server (the
default is inside).
For the vendor {secure-computing | n2h2}, you can use 'secure-computing as a vendor string, however,
'n2h2' is acceptable for backward compatibility. When the configuration entries are generated,
'secure-computing' is saved as the vendor string.
The host <local_ip> is the IP address of the URL filtering server.
The port <number> is the Secure Computing SmartFilter server port number of the filtering server; the
security appliance also listens for UDP replies on this port.
The default port is 4005. This is the default port used by the Secure Computing SmartFilter server to
Note
communicate to the security appliance via TCP or UDP. For information on changing the default port,
please refer to the Filtering by N2H2 Administrator's Guide.
The timeout <seconds> is the number of seconds the security appliance should keep trying to connect
to the filtering server.
The connections <number> is the number of tries to attempt to make a connection between the host and
server.
For example, to identify a single Websense filtering server, enter the following command:
hostname(config)# url-server (perimeter) host 10.0.1.1 protocol TCP version 4
This identifies a Websense filtering server with the IP address 10.0.1.1 on a perimeter interface of the
security appliance.Version 4, which is enabled in this example, is recommended by Websense because it
supports caching.
To identify redundant Secure Computing SmartFilter servers, enter the following commands:
hostname(config)# url-server (perimeter) vendor n2h2 host 10.0.1.1
hostname(config)# url-server (perimeter) vendor n2h2 host 10.0.1.2
This identifies two Sentian filtering servers, both on a perimeter interface of the security appliance.
OL-12172-03
Filtering URLs and FTP Requests with an External Server
Cisco Security Appliance Command Line Configuration Guide
20-5