Identifying the URL-Filtering Server
The url-server command designates the server that is running the N2H2 or Websense URLfiltering
application. The Security Appliance allows you to configure a maximum of 16 URL
servers (with the first one entered being the primary URL server), and you can use only one
URL-filtering server at a time, either N2H2 or Websense. Configuration is performed both
on the Security Appliance and the URL-filtering server. You can identify more than one URLfiltering
server by entering the url-server command multiple times. The primary URL-filtering
504 Chapter 16: Content Filtering on the Cisco Security Appliance
server is the first server that you identify. The syntax for identifying an N2H2 URL-filtering
server is as follows:
url-server [(if-name)] vendor n2h2 host local-ip [port number]
[timeout seconds] [protocol {TCP | UDP}]
The default protocol is TCP. The timeout parameter in the url-server command is the
maximum idle time permitted before the Security Appliance switches to the next URLfiltering
server you specified. The default time is 5 seconds.
The following example identifies an N2H2 URL-filtering server with an IP address of
10.10.10.13:
pixfw(config)#url-server (inside) vendor n2h2 host 10.10.10.13
The default port used by the N2H2 server to communicate with the Cisco Security Appliance
via TCP or UDP is 4005.
The syntax for identifying a Websense URL-filtering server is as follows:
url-server [(if-name)] vendor websense host local-ip [timeout seconds]
[protocol {TCP | UDP} version{1 | 4}]
The following example identifies a Websense URL-filtering server with an IP address of
10.10.10.14:
pixfw(config)# url-server (inside) vendor websense host 10.10.10.14
To view the URL-filtering server, use the show url-server command, as shown in
Example 16-1.