- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-03-2017 01:01 AM - edited 03-12-2019 06:26 AM
Hi all,
Im unable to block Youtube over Chrome, however Firefox and Internet explorer are blocking it.
Following are the SSL and ACP snaps for you. Please assist.
Solved! Go to Solution.
- Labels:
-
NGIPS
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-03-2017 01:24 AM
Have you checked the BugID referenced in the other thread where you posted?
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvb95527/?referring_site=bugquickviewclick
It has a suggested workaround and fix.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-03-2017 01:24 AM
Have you checked the BugID referenced in the other thread where you posted?
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvb95527/?referring_site=bugquickviewclick
It has a suggested workaround and fix.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-03-2017 01:56 AM
Hi Marvin,
I played with the workaround on Firesight but still it doesnt seem to block it.
PIC attached for reference.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-03-2017 02:01 AM
The workaround also suggested disabling QUIC in the browser. Have you tried that?
What do you see as the application in the connection event when the traffic is allowed?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-03-2017 02:11 AM
It does gets blocked after disabling QUIC in browser but i cant go to each user and change their browser settings.
Events, are another problem in firesight 6.2 deployed over ASDM. I only see some events, specially blocked ones there but i dont see any allowed or all the blocked events. That is one strange issue as well.
PIC attached as reference.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-03-2017 02:17 AM
Understood re the end user issue - I just wanted to make sure we were chasing the right issue and not something else.
I really dislike the ASDM tool for managing FirePOWER modules. Despite its flaws, FMC is 20x better, especially for event analysis.
I'd guess your module is not seeing the Chrome traffic toward Youtube as QUIC. Why is hard to say - are you running the latest updates that pruport to fix the application recognition? If you are, it may be best to contact the TAC to have them take a look at it in real time.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-03-2017 02:23 AM
I always deploy FMC at client ends but here we are preparing for a demo with trial URL licenses and the only easy way was to deploy it over ASDM.
This firewall isnt covered under contract so i fear i wont be able to contact TAC for this one.
Anything else you'd suggest Marvin? though ill still mark your answers as correct as you have always been very helpful.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-10-2020 06:28 AM
Hello,
I have ASA5508 managed by FMC I had blocked the Quik port but I received from users that some of the sites is needing these ports then I delete this police.
now how I can block youtube on chrome.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-16-2022 07:16 PM
same here.
