Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
751
Views
0
Helpful
2
Replies

ASA blocking long URL access

Go to solution
paulnigel
Level 1
Level 1

‎10-08-2006 07:25 PM - edited ‎02-21-2020 01:13 AM

Hi Forum,

I can't seem to find an answer for my ASA blocking long URL access. below is the only http filtering configurations i can find on my firewall. could it be the default settings? How do I turn it off, Is there a better way?

I am using ASA5500.

Thanks much,

paul

http-map inbound_http

content-length min 100 max 2000 action allow log

content-type-verification match-req-rsp action allow log

max-header-length request 100 action allow log

max-uri-length 100 action allow log

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Andrew von Nagy
Level 1
Level 1

‎10-08-2006 08:41 PM

Do you have any filter http commands and url-server commands configured? If so, there is an option to truncate long URLs.

Also, bugs appear to exist in the http inspection engine in releases after 7.1(2). Try disabling the http inspection and see if the problem disappears.

Andrew

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Andrew von Nagy
Level 1
Level 1

‎10-08-2006 08:41 PM

Do you have any filter http commands and url-server commands configured? If so, there is an option to truncate long URLs.

Also, bugs appear to exist in the http inspection engine in releases after 7.1(2). Try disabling the http inspection and see if the problem disappears.

Andrew

0 Helpful

Go to solution
paulnigel
Level 1
Level 1
In response to Andrew von Nagy

‎10-08-2006 09:04 PM

Hi Andrew,

Thanks much for your help. when I turned off the http inspection, the error is gone. I do not have any filter http commands and url-server commands configured.

however, my firewall version is 7.0(4), is there a bug for this version?

thanks much for your help,

paul

========================================

sh ver

Cisco Adaptive Security Appliance Software Version 7.0(4)

Device Manager Version 5.0(4)

Compiled on Thu 13-Oct-05 21:43 by builders

System image file is "disk0:/asa704-k8.bin"

Config file at boot was "startup-config"

pixfirewall up 76 days 18 hours

Hardware: ASA5510, 256 MB RAM, CPU Pentium 4 Celeron 1600 MHz

Internal ATA Compact Flash, 64MB

BIOS Flash AT49LW080: @ 0xffe00000, 1024KB

Encryption hardware device : Cisco ASA-55x0 on-board accelerator (revision 0x0)

Boot microcode : CNlite-MC-Boot-Cisco-1.2

SSL/IKE microcode: CNlite-MC-IPSEC-Admin-3.03

IPSec microcode : CNlite-MC-IPSECm-MAIN-2.04

0: Ext: Ethernet0/0 : address is 0015.c695.ab9a, irq 9

1: Ext: Ethernet0/1 : address is 0015.c695.ab9b, irq 9

2: Ext: Ethernet0/2 : address is 0015.c695.ab9c, irq 9

3: Ext: Ethernet0/3 : address is 0015.c695.ab9d, irq 9

4: Ext: Management0/0 : address is 0015.c695.ab99, irq 11

5: Int: Not licensed : irq 11

6: Int: Not licensed : irq 5

<--- More --->

Licensed features for this platform:

Maximum Physical Interfaces : Unlimited

Maximum VLANs : 10

Inside Hosts : Unlimited

Failover : Active/Standby

VPN-DES : Enabled

VPN-3DES-AES : Enabled

Security Contexts : 0

GTP/GPRS : Disabled

VPN Peers : 150

This platform has an ASA 5510 Security Plus license.

Serial Number: xxx

Running Activation Key: xxx

Configuration register is 0x1

Configuration last modified by enable_15 at 12:58:54.429 Mal Mon Oct 9 2006

pixfirewall#

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card