certain https website timing out

sushil · ‎09-13-2011

Hi,

Running ASA 5510 with code 8.3 in it.

We have our few https portal and OWA websites in HO.We access these sites from the network behind the ASA.

All works perfectly fine.

In order to have control on internal network traffic we placed a web-filtering device (Fortigate) in transparent mode.

To start with of we haven't blocked anything via new box but https portal and OWA stopped working from certain computers.At the same time other https sites were reachable from the same computer/s.

We checked that website was tracable using traceroute from ASA,Fortigate and even from interal computer(from the one which it is not opening).

This behaviour is random.

Any suggestion you can give at least on ASA site.

Some duplex setting or may be https scanning required or not kind of.

Or any other tool to monitor the traffic on ASA?

Reg,

Sushil

Maykol Rojas · ‎09-13-2011

Hello,

Just as a question and I dont want to blame the fortigate, when did the problem started? Have you always had this issues or was it just when you put the fortigate.

The fact that you can trace the site doesnt mean that is going to work, worst if we are talking about SSL sites.

Let me know.

Mike

sushil · ‎09-13-2011

The problem started only when fortigate introduced in transparent mode to filter the websites.Though we have checked it by allowing all the websites by allow rule.But these sites doesn't work.

Removing the fortigate from the network allows the websites to work.

Reg,

Sushil

Maykol Rojas · ‎09-13-2011

I see, can you rule out the ASA just by connecting a computer, the fortigate and the router to the internet and check if you have the issue? I've never seen problems with the ASA and a device like that working together.

Mike