cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1247
Views
0
Helpful
3
Replies

ASDM PAC File settings

Hello All,

Our company is going to Zscaler for it's URL and Content Filtering. With that being said we have decided to use PAC files so that we can monitor all users no matter where they are. When I apply the PAC file to my computer I notice I cannot connect to ASDM. So I launch wireshark to see where the traffic is going it goes to the firewall just fine but I never seem to  get return traffic. Remove the pac file and set  the proxy settings to point to their proxy directly almost the same results, but now I don't get an immediate "cannot connect to ASDM". It just does the circle of death waiting and waiting. But what I did notice is that when I look at the java log, it does not contain any information related to proxy addressing...so I am thinking I need to set that some where. So I tried setting it in the JAVA console  I have tried all the network settings (Direct, Use Proxy, etc) and none of them change my outcome and the log file still says UNKNOWN SOURCE. I can't find anything online about this, I think it might be a bug held over from previous versions of JAVA but I am hoping that maybe one of you might have seen this and have a work around or fix other than saying, remove the pac file...:)

Thanks for your help in advance it is really appreciated.

-Mike

3 Replies 3

Good afternoon, 

I came from a School system that migrated to Zscaler, so it's been a while, but in your PAC file, do you have anything to prevent your local traffic from being sent to zscaler?

I am trying to find an example PAC file but i don't know if i kept them.  I want to say since ASDM uses HTTPS, you have to add a rule in the PAC file to exclude your internal IP/DNS for the ASDM.

if i find an example i'll attach it.

Christopher,

Well as luck has it, it is only affecting two machines. The other IT folks aren't having this issue. So there has to be something in my setup that is different. But as an interim fix, I have batch file to remove the PAC and then I launch ASDM. If you or anyone else knows how to fix this it would be great.

I did compare the JAVA logs from one that was working and one that is not (mine). The one that is working properly with the PAC doesn't have a bunch of java calls in the logs. The one does not work (mine) has numerous of java calls and all the calls have "(UNKNOWN SOURCE)"

Again thanks for the help.

-Mike 

Mike  

Did you use the ASDM to configure your Zscaler tunnel.   The Zscaler tutorials are all for CLI version with 9.1 being the newest edition.   My asa 5508x is running 9.6 and will not allow me to use IKEv1 due to it being cracked.   


If not that is cool too it just looks like you did this very recently instead of the 2013 articles I have been finding.  

Thanks 

Carl

Review Cisco Networking for a $25 gift card