CSC-SSM-20 cuasing issues

Josh Sprang — Mon, 11 Mar 2019 23:02:34 GMT

I recently implemented an ASA 5520 HA pair with CSC-SSM-20s in each non stateful per cisco. The CSC management sits in a management subnet 192.168.4.0/24 with the management interface of the ASA as its default gateway in the same subnet. Ever since the implementation frequently webpages will not load correctly, the formating will not look right and pictures will be red x. If you hit f5 to refresh the pages loads fine. If I add a deny any any eq 80 rule before the permit any any eq 80 the issue appears to go away. TAC can't seem to find anything worng. All we want to do is use a simple web content filter with the check boxes in the global filtering policy. ASA is running 8.2(5) and CSC is running 6.3.1172.0. Everything else works fine SVC and rules and such. Any ideas why pages won't load correctly?

access-list csc-out extended deny tcp host 192.168.3.189 any eq www <standby asa interface>

access-list csc-out extended deny tcp host 192.168.3.235 any eq www <active asa interface>

access-list csc-out extended deny tcp host 192.168.4.1 any eq www <active asa mgt interface>

access-list csc-out extended deny tcp host 192.168.4.4 any eq www <CSC 1 mgt interface>

access-list csc-out extended deny tcp host 192.168.4.3 any eq www <CSC 2 mgt interface>

access-list csc-out extended permit tcp any any eq www

class-map http

match access-list csc-out

policy-map csc-out

class http

csc fail-open

service-policy csc-out interface outside

CSC-SSM-20 cuasing issues

Maykol Rojas — Sat, 05 May 2012 02:49:17 GMT

Try disabling HTTP scanning.

Mike

Re: CSC-SSM-20 cuasing issues

Josh Sprang — Sat, 05 May 2012 03:35:07 GMT

Thanks for the quick reply. Http scanning was already disabled

Sent from Cisco Technical Support iPad App

topic CSC-SSM-20 cuasing issues in Network Security

CSC-SSM-20 cuasing issues

CSC-SSM-20 cuasing issues

Re: CSC-SSM-20 cuasing issues