Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
719
Views
0
Helpful
1
Replies

ASA 5510 HTTPS Filtering Bog Down

rongeiser
Level 1
Level 1

‎02-16-2012 07:41 PM - edited ‎03-11-2019 03:31 PM

I am running a Cisco ASA 5510 with Trend Micro Interscan. We have it set up to filter https except for a handful of sites. It is filtering the ones we don't want ie: facebook, and youtube. Though it is causing all other https to slow to a crawl. Therefore some sites it times out on us. What should we be looking for to change so it isn't slowing the allowed sites down?

Version numbers

ASA - 8.4(3)

ASDM - 6.4(3)

Trend - 6.6.1125

Labels:
0 Helpful
1 Reply 1

mirober2
Cisco Employee
Cisco Employee

‎02-29-2012 01:16 PM

Hi Ron,

A couple of basic things to check:

1. The ASA's inspection policy should not be configured to match traffic from the CSC module's management IP address

2. The policy should also not match any traffic other than the protocols you want to filter

3. None of the CSC module's debug logs should be enabled

4. The ASA should not send more traffic to the CSC module than it can handle:

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/prod_white_paper0900aecd805c3cd6.html

If the above suggestions don't help, I would suggest opening a TAC case to have this investigated further.

-Mike

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card