EMAIL SECURITY: How to Troubleshoot Thumbprint Stale alerts message issue if you have Cisco Pix fi
03/26/2020 1107 11303
EMAIL SECURITY: How to Troubleshoot Thumbprint Stale alerts message issue if you have Cisco Pix firewall and Websense on the Network.
You can configure a Cisco PIX Firewall to bypass Websense Enterprise for traffic going to a specific IP addresses.
You may also set specific source addresses on your network (workstations or subnets) to bypass filtering. To do so, use the
filter url except command.
filter url except <source IP> <source mask> <destination IP> <destination mask> allow
(Note: Source IP is the IP address of your ES SonicWall and destination IP is the update server. As update domain has multi-IP addresses, leave the destination IP as 0.0.0.0.
(Incoming or outbound traffic from IP addresses specified in these commands will not be filtered or logged by Websense).
The line below configures the PIX Firewall to allow any outbound traffic from the 10.1.0.0 network to go out unfiltered.
filter url except 10.1.0.0 255.255.0.0 0.0.0.0 0.0.0.0 allow
The line below configures the PIX Firewall to allow any outbound traffic from the specific IP address 10.1.1.1 to go out unfiltered.
filter url except 10.1.1.1 255.255.255.255 0.0.0.0 0.0.0.0 allow
The next line allows all users to access the destination IP address 22.214.171.124 without being filtered.
filter url except 0.0.0.0 0.0.0.0 126.96.36.199 255.255.255.255 allow