topic ASA 5510 HTTPS Filtering Bog Down in Network Security https://community.cisco.com/t5/network-security/asa-5510-https-filtering-bog-down/m-p/1835586#M459241 <HTML><HEAD></HEAD><BODY><P>Hi Ron,</P><P></P><P>A couple of basic things to check:</P><P></P><P>1. The ASA's inspection policy should not be configured to match traffic from the CSC module's management IP address</P><P>2. The policy should also not match any traffic other than the protocols you want to filter</P><P>3. None of the CSC module's debug logs should be enabled</P><P>4. The ASA should not send more traffic to the CSC module than it can handle:</P><P></P><P><A class="jive-link-external-small" href="http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/prod_white_paper0900aecd805c3cd6.html">http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/prod_white_paper0900aecd805c3cd6.html</A></P><P></P><P>If the above suggestions don't help, I would suggest opening a TAC case to have this investigated further.</P><P></P><P>-Mike</P></BODY></HTML> Wed, 29 Feb 2012 21:16:23 GMT mirober2 2012-02-29T21:16:23Z ASA 5510 HTTPS Filtering Bog Down https://community.cisco.com/t5/network-security/asa-5510-https-filtering-bog-down/m-p/1835585#M459236 <P>I am running a Cisco ASA 5510 with Trend Micro Interscan. We have it set up to filter https except for a handful of sites. It is filtering the ones we don't want ie: facebook, and youtube. Though it is causing all other https to slow to a crawl. Therefore some sites it times out on us. What should we be looking for to change so it isn't slowing the allowed sites down?</P><P></P><P>Version numbers</P><P></P><P>ASA - 8.4(3)</P><P>ASDM - 6.4(3)</P><P>Trend - 6.6.1125</P> Mon, 11 Mar 2019 22:31:01 GMT https://community.cisco.com/t5/network-security/asa-5510-https-filtering-bog-down/m-p/1835585#M459236 rongeiser 2019-03-11T22:31:01Z ASA 5510 HTTPS Filtering Bog Down https://community.cisco.com/t5/network-security/asa-5510-https-filtering-bog-down/m-p/1835586#M459241 <HTML><HEAD></HEAD><BODY><P>Hi Ron,</P><P></P><P>A couple of basic things to check:</P><P></P><P>1. The ASA's inspection policy should not be configured to match traffic from the CSC module's management IP address</P><P>2. The policy should also not match any traffic other than the protocols you want to filter</P><P>3. None of the CSC module's debug logs should be enabled</P><P>4. The ASA should not send more traffic to the CSC module than it can handle:</P><P></P><P><A class="jive-link-external-small" href="http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/prod_white_paper0900aecd805c3cd6.html">http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/prod_white_paper0900aecd805c3cd6.html</A></P><P></P><P>If the above suggestions don't help, I would suggest opening a TAC case to have this investigated further.</P><P></P><P>-Mike</P></BODY></HTML> Wed, 29 Feb 2012 21:16:23 GMT https://community.cisco.com/t5/network-security/asa-5510-https-filtering-bog-down/m-p/1835586#M459241 mirober2 2012-02-29T21:16:23Z