Firewall blocking one web site no other

paul_holmgren · ‎01-30-2011

Hi

I have installed an Cisco ASA 5510 and have one problem.
This firewall is blocking one site and one site only I cant browse to www.idg.se throu this firewall all other that I and my users have tested is OK?

I have connected my laptop to outside firewall and recorded all traffic from and to firewall and this site and also from and to my laptop that are using anoter public IP in my subnet.
With wireshark I can only see one diffrence between ASA traffic and my laptop and thats mss is defalt 1380 from asa and 1200 from laptop.
And of cource that site answers after syn no 2 to my laptop and not to my firewall after 3 SYN.
I get no error messages i ASDM 6.3.5 when I try to go to this site.

Can some body please help me?

sean_evershed · ‎01-30-2011

If you increase the logging level to debugging do you see any error message on the ASA when trying to access the site?

Is traffic blocked if you telnet on port 80 from your internal network to the IP address rather than the DNS name of the site?

paul_holmgren · ‎01-31-2011

Hi

No I got no error messages.

Only a build connection and a teardown.

teardown duration 0:00:30 bytes 0 SYN Timeout.

mirober2 · ‎02-01-2011

Hi Paul,

Can you repeat the test through the ASA and setup bidirectional packet captures on both the inside and outside interfaces of the ASA following this document:

https://supportforums.cisco.com/docs/DOC-1222

I would recommend including both TCP/80 and ICMP traffic in case there is an error message coming back.

-Mike