
Facing an Issue with one website

samirshaikh52
Level 2

Hello Experts,

I'm facing a weird problem and I am tired, as I have tried my best to solve the issue.

I'm facing a problem accessing 1 medical website. It works for 5 minutes and then stops working.

If I connect a laptop directly to my router and assign a public IP, it works and downloads from the website with no issue. But if I connect this laptop to my internal network behind the ASA, I face issues. I can browse other websites without problems. For more info, I have an inbuilt IPS with the ASA.

I'm sure something internal is having a problem.

Please help me


As this website will be used by many users in my organization, I cannot let HTTP and HTTPS bypass the IPS. Your further help will be highly appreciated.

Thank you very much.

Hi,

The download was successfully completed. Please help me further to solve this problem permanently from the IPS.

I really appreciated your help.

Samir.

Any suggestions?

Samir

Hello Samir,

There has got to be something with that particular website that is making a signature on the IPS reset or drop the connection. In this case we will need to make captures and troubleshoot the IPS module to see what is going on.

The workaround for this would be, instead of this:

access-list  CSM_TF_ACL_IPS__1 line 1 deny tcp host x.x.x.x ( private ip address test PC) any eq 80

access-list  CSM_TF_ACL_IPS__1 line 2 deny tcp host x.x.x.x ( private ip address test PC) any eq 443

Use this:

access-list  CSM_TF_ACL_IPS__1 line 1 deny tcp any  host website_ip eq 80

access-list  CSM_TF_ACL_IPS__1 line 2 deny tcp any host website_ip  eq 443

With this, the only TCP port 80 and 443 traffic that will be bypassed will be the traffic going to that particular website.

You can do an nslookup to get the IP address of the remote site.

Hope I helped you on this.

Julio

Rate posts that help you

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
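
For context, an added sketch (not part of the thread and not Cisco's or the posters' own configuration) of where the two deny entries above sit in an ASA Modular Policy Framework setup. Only the ACL name comes from the thread; the class-map name IPS_CLASS, the policy name global_policy, the final permit entry, the inline/fail-open mode and the address 203.0.113.10 (documentation range) are assumptions.

```cisco
! Traffic-match ACL for the IPS class. A "deny" entry here does not block
! traffic; it only excludes the flow from the class, so it skips the IPS.
! 203.0.113.10 is a placeholder for the address returned by nslookup.
access-list CSM_TF_ACL_IPS__1 line 1 extended deny tcp any host 203.0.113.10 eq 80
access-list CSM_TF_ACL_IPS__1 line 2 extended deny tcp any host 203.0.113.10 eq 443
! Assumed final entry: everything else still matches and goes to the IPS.
access-list CSM_TF_ACL_IPS__1 extended permit ip any any
!
! Hypothetical class and policy names; the class selects traffic by the ACL.
class-map IPS_CLASS
 match access-list CSM_TF_ACL_IPS__1
!
policy-map global_policy
 class IPS_CLASS
  ips inline fail-open
!
service-policy global_policy global
!
! Hit counts on lines 1 and 2 confirm that only flows to the site are exempted.
show access-list CSM_TF_ACL_IPS__1
```

If nslookup returns several addresses for the site, each one needs its own pair of deny entries, and the entries have to be updated when the site's address changes.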

Hi Julio,

Firstly, thank you very much for your help; I really appreciate it.

access-list  CSM_TF_ACL_IPS__1 line 1 deny tcp any  host website_ip eq 80

access-list  CSM_TF_ACL_IPS__1 line 2 deny tcp any host website_ip  eq 443

Thanks once again. Have a nice time.

Hello Samir,

Thank you for your kind words.

Have a great day,

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC