We're experiëncing some difficulties with our ASA 5505.
When we want to visit https://portal.example.com the pc doesn't go to that website. However, when we visit a different portal, it goes right ahead. When we remove the ASA 5505 out of the network we can vizit https://portal.example.com just fine.
I uploaded the firewall rules just in case. I didn't think there's anything wrong with those but I uploaded them anyway.
Has anyone experienced the same kind of incidents?
Thanks in advance,
Solved! Go to Solution.
please apply captures on the outside and inside and of the asa and also the PC this will give us some ideas
let us see where it is feeling
this will help you applying captures
I assume that "portal.example.com" is just a placeholder for the real server you try to access.
Some things to verify (because "PC doesn't go to that website" is not very precise):
Can you resolve the name on the PC in question with nslookup?
Can you establish a telnet session to the resolved IP address, port 443?
(you might want to do that test from "server" because it's the only one permitted https to the outside)
A packet-tracer is always recommended to verify if something is wrong with the firewall config (but in that case I don't think its the config).
Is "server" functioning as a https-proxy for the inside PCs? If so, can the server itself open the website?
If "server" is a https-proxy could be something wrong with the server policies, like black-list or something wrong with the certificate of "portal.example.com"?
In some rare cases a server can redirect the clients to a different port with "content location changed" (vulgo "http redirect").
Just a few things that might be worth trying to drill down into the cause of the issue.