08-31-2011 12:44 PM - edited 03-11-2019 02:19 PM
Currently have a Cisco ASA5520..
there is an internal application that communicates on port 80 with an outside host but is not HTML protocol.
the ASA seems to block this traffic... any idea why?
08-31-2011 01:10 PM
Can you check if you have the inspection for http enable?
Do the following
sh run policy-map
Check if it says inspect http.
Mike
08-31-2011 01:15 PM
The current output is
!
policy-map type inspect dns preset_dns_map
parameters
message-length maximum 512
policy-map global_policy
class inspection_default
inspect ftp
inspect h323 h225
inspect h323 ras
inspect netbios
inspect rsh
inspect rtsp
inspect skinny
inspect sqlnet
inspect sunrpc
inspect tftp
inspect sip
inspect xdmcp
inspect dns preset_dns_map
inspect ip-options
policy-map type inspect dns migrated_dns_map_1
parameters
message-length maximum 512 !
policy-map type inspect dns preset_dns_map
parameters
message-length maximum 512
policy-map global_policy
class inspection_default
inspect ftp
inspect h323 h225
inspect h323 ras
inspect netbios
inspect rsh
inspect rtsp
inspect skinny
inspect sqlnet
inspect sunrpc
inspect tftp
inspect sip
inspect xdmcp
inspect dns preset_dns_map
inspect ip-options
policy-map type inspect dns migrated_dns_map_1
parameters
message-length maximum 512
Inspect HTTP is not in there does this it filters out NON HTTP requests using app port 80?
08-31-2011 01:33 PM
It shouldnt, would you please gather the logs.
Mike
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide