Hi Varun,

Thanks for your prompt reponse. Sorry, couldn't uptdate you the config, this is a client's box.

Could you suggest me any steps to test if the ASA is blocking the javascript and if there is a way to disbale.

cheers!

javeed

Well not really sure if its a java issue only because you first need to verify whether the config is good for it or not. Are you doing u-turning on the firewall, could you just post the config relevant to the server?

-Varun

Users access this internal URL via cisco vpn client, following is the capture while accessing the URL.

7 packets captured

   1: 10:48:18.417245 x.x.25.23.1323 > 10.31.3.25.80: S 4282388673:4282388673 win 65535

   2: 10:48:18.419823 10.31.3.25.80 > x.x.25.23.1323: S 3400908732:3400908732 ack 4282388674 win 5840

   3: 10:48:18.446677 x.x.25.23.1323 > 10.31.3.25.80: . ack 3400908733 win 32768

   4: 10:48:18.452979 x.x.25.23.1323 > 10.31.3.25.80: P 4282388674:4282389553(879) ack 3400908733 win 32768

   5: 10:48:18.455848 10.31.3.25.80 > x.x.25.23.1323: . ack 4282389553 win 7032

   6: 10:48:18.461813 x.x.25.23.1323 > 10.31.3.25.80: . 4282389553:4282390813(1260) ack 3400908733 win 32768

   7: 10:48:18.464545 x.x.25.23.1323 > 10.31.3.25.80: R 4282390813:4282390813 win 14013

no u-turning confugured, unfortunatly dont have much of the config, it just has a access-list allowed for http port to the server and route, default inspection enabled are.

tp  inspect xdmcp  

message-length maximum 512
policy-map global_policy
class inspection_default
  inspect dns preset_dns_map
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect netbios
  inspect rsh
  inspect rtsp
  inspect skinny 
  inspect esmtp
  inspect sqlnet
  inspect sunrpc
  inspect tftp
  inspect sip 
  inspect xdmcp

cheers!

javeed