Re: When using urlfilter web server becomes unavailable

pugs17211721 · ‎09-09-2010

Remote Location (DET) has a vpn tunnel built to our main location (ML) where our websense server sits.

This is the websense configuration that is in place on DET. DET local LAN is 172.20.120.0/24

    access-list 50 permit any log
    ip inspect name websenseinternet http java-list 50 urlfilter
    ip urlfilter urlf-server-log
    ip urlfilter server vendor websense 172.20.63.75
    ip urlfilter allow-mode on

    Interface FastEthernet0/0.1
    ip inspect websenseinternet in
    ip inspect websenseinternet out

There is a web server (actually its a ups snmp adapter that runs a webserver) that I need to get access to (172.20.120.23) If the websense configuration is running I am unable to access the web server. If the commands are removed, I can access the webserver no problem.

Any ideas?

Kevin Redmon · ‎09-12-2010

Can you please provide a better understanding of the topology that we are dealing with here? As you describe above, this webserver/snmp adapter resides across the VPN tunnel - at the DET location - correct? What is the VPN tunnel access-list? From where are you trying to access this server? Are you getting any syslogs?

If it isn't already there, please enable 'ip inspect log drop-pkt' on the DET device, as well as the local device. After attempting to access the snmp adapter, gather the output of 'show log | inc FW'. Do you receive any other syslogs at the time of the issue on either router? Have you tried disabling firewall (CBAC) while leaving Websense enabled? Do you get any syslogs on the Websense server?

Any information that you can provide relevant to the topology and/or syslogs that are generated at the time of the failed access is greatly appreciated.

Best Regards,

Kevin