https://community.cisco.com/t5/network-security/pix-inspect-http-problem/m-p/866521#M973411 <HTML><HEAD></HEAD><BODY><P>Thanks. It took a little head scratching but it works now.</P></BODY></HTML> Mon, 22 Oct 2007 15:36:00 GMT george.goebel 2007-10-22T15:36:00Z https://community.cisco.com/t5/network-security/pix-inspect-http-problem/m-p/866518#M973404 <P>WE have our PIX version 7.2(2) using http inspection and set to drop protocol violations. The problem is, that it drops the Microsoft Updates. Anybody have an idea how to allow the MS Updates to work while still using the inspect http policy.</P> Mon, 11 Mar 2019 11:27:35 GMT https://community.cisco.com/t5/network-security/pix-inspect-http-problem/m-p/866518#M973404 george.goebel 2019-03-11T11:27:35Z https://community.cisco.com/t5/network-security/pix-inspect-http-problem/m-p/866519#M973405 <HTML><HEAD></HEAD><BODY><P>George, I believe you would have to work with creating policy and class-map to classify certain traffic, by default global policy does not inspect http but since you have altered this you would need to create a policy whereby you can apply acl to allow certain http traffic to not be ispected. </P><P></P><P>I have not done this as we have websence for filtering http but have read about it, if someone can point a good link that will be great or if there is any other way to do it.. if I find a good example link I will posted.</P><P></P><P>Rgds</P><P>Jorge </P><P></P></BODY></HTML> Fri, 19 Oct 2007 16:00:07 GMT https://community.cisco.com/t5/network-security/pix-inspect-http-problem/m-p/866519#M973405 JORGE RODRIGUEZ 2007-10-19T16:00:07Z https://community.cisco.com/t5/network-security/pix-inspect-http-problem/m-p/866520#M973407 <HTML><HEAD></HEAD><BODY><P>George, this is the link you would want to reference , applying application layer protocol inspection, this covers module policy framework and class-maps for your particular request.</P><P></P><P><A class="jive-link-custom" href="http://www.cisco.com/en/US/customer/docs/security/asa/asa72/configuration/guide/inspect.html" target="_blank">http://www.cisco.com/en/US/customer/docs/security/asa/asa72/configuration/guide/inspect.html</A></P></BODY></HTML> Sat, 20 Oct 2007 03:38:12 GMT https://community.cisco.com/t5/network-security/pix-inspect-http-problem/m-p/866520#M973407 JORGE RODRIGUEZ 2007-10-20T03:38:12Z https://community.cisco.com/t5/network-security/pix-inspect-http-problem/m-p/866521#M973411 <HTML><HEAD></HEAD><BODY><P>Thanks. It took a little head scratching but it works now.</P></BODY></HTML> Mon, 22 Oct 2007 15:36:00 GMT https://community.cisco.com/t5/network-security/pix-inspect-http-problem/m-p/866521#M973411 george.goebel 2007-10-22T15:36:00Z