09-01-2021 08:20 AM
We have an internal VLAN that we wish to have ACLs to allow HTTPS traffic for when applications need the access to perform upgrades. If we try to set up NAT it won't let us use port 443 because it is in use with VPN and SSL. The ACLs don't seem to have any effect on the traffic, though the packet tracer shows that the 443 from the outside doesn't make it past the ACL rules. I have attached the complete configuration (IPs have been replaced with letters) so that anyone may review and add any comments.
We have been using curl as a test for this. This should return a header from the site, but instead just hangs:
# curl -Is https://support.cisco.com
# show asp table socket
Protocol Socket State Local Address Foreign Address
SSL 00003148 LISTEN :443 0.0.0.0:*
SSL 00005a08 LISTEN :443 0.0.0.0:*
SSL 00006738 LISTEN :443 0.0.0.0:*
SSL 00009138 LISTEN :443 0.0.0.0:*
SSL 0000a6a8 LISTEN :443 0.0.0.0:*
Accepted Solutions
09-02-2021 12:52 AM
I decided the best method was to use WCCP and a proxy server.
