Login
- Table of Contents
-
- H3C Access Controllers Application Security Web-Based Configuration Examples-6W100
- 00-Preface
- 01-H3C Access Controllers Comware 7 IPS Configuration Example
- 02-H3C Access Controllers Comware 7 URL Filtering Configuration Example
- 03-H3C Access Controllers Comware 7 Anti-Virus Configuration Example
- 04-H3C Access Controllers Comware 7 Application Audit and Management Configuration Example
- 05-H3C Access Controllers Comware 7 Application Rate Limiting Configuration Example
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 02-H3C Access Controllers Comware 7 URL Filtering Configuration Example | 297.13 KB |
|
|
|
H3C Access Controllers |
|
Comware 7 URL Filtering |
|
Configuration Example |
Copyright © 2024 New H3C Technologies Co., Ltd. All rights reserved.
No part of this manual may be reproduced or transmitted in any form or by any means without prior written consent of New H3C Technologies Co., Ltd.
Except for the trademarks of New H3C Technologies Co., Ltd., any trademarks that may be mentioned in this document are the property of their respective owners.
The information in this document is subject to change without notice.
Introduction
The following information provides an example for configuring URL filtering.
Usage guidelines
Application scenarios
This configuration example is used to controls access to the Web resources by filtering the URLs that the users visit.
Prerequisites
This document is not restricted to specific software or hardware versions. Procedures and information in the examples might be slightly different depending on the software or hardware version of the device.
The configuration examples were created and verified in a lab environment, and all the devices were started with the factory default configuration. When you are working on a live network, make sure you understand the potential impact of every command on your network.
Restrictions and guidelines
This feature is supported only in E5568P01 and later.
Example: Configuring URL filtering
Network configuration
As shown in Figure 1, the switch acts as a DHCP server to assign IP addresses to the AP and the clients. The AP and the AC use VLAN 100 to establish a tunnel, and the clients access the wireless network through VLAN 200. Configure URL filtering to meet the following requirements:
· To improve working efficiency, prohibit internal users from accessing drug-related and adult-oriented websites.
· Prohibit internal users from accessing www.tudou.com.
Procedures
Configuring basic AC functions
Configuring an address object group
1. From the left navigation pane, select Application Security > Object Groups > IPv4 Address Object Groups.
2. Click 
to add an IPv4 address object group.
¡ Enter object group name urlfilter.
¡ Click to specify the network segment object, specify the content as 192.2.1.0/24, and click Apply.
3. Click Apply.
Figure 2 Adding an IPv4 address object group
Configuring a user-defined URL category
1. From the left navigation pane, select Application Security > URL Filtering > URL Categories.
a. Click 
to add a URL category:
- Enter URL category name urlfilter.
- Specify the severity level as 2000.
b. Click 
to add a URL filtering rule:
- Specifies the Text match pattern.
- Specify the host name as http://www.tudou.com/.
c. Click Apply.
Figure 3 Adding a URL filtering rule
d. Use the default settings for other parameters.
e. Click Apply.
Figure 4 Creating a user-defined URL category
Configuring a URL filtering profile
1. From the left navigation pane, select Application Security > URL Filtering > URL Filtering Profiles.
2. Click 
to add a URL filtering profile:
¡ Enter profile name urlnews.
¡ Select the Permit as the default action.
Figure 5 Adding a URL filtering profile
3. In the URL categories area, select Drop for user-defined URL categories and predefined URL categories Pre-Adult and Pre-Drug.
Figure 6 Configure URL categories
4. Click Apply.
After you configure a URL filtering profile, you must click Submit for it to take effect.
Configuring a security policy
1. From the left navigation pane, select Application Security > Security Policies > Security Policies.
2. Click 
to add a security policy:
¡ Enter security policy name urlfilter.
¡ Select Permit as the action.
¡ Select urlfilter in the Source IP address field.
¡ Select URL filtering profile urlnews.
¡ Use the default settings for other parameters.
3. Click Apply.
Figure 7 Adding a security policy
Verifying the configuration
Verify that the AC can use the URL filtering profile to control access by filtering URLs as follows:
· The internal users cannot access drug websites or adult websites.
· The internal users cannot access www.tudou.com.
Related documentation
H3C Access Controllers Web-Based Configuration Guide
