Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
509
Views
0
Helpful
4
Replies

HP DRIVER WEBSITE NOT ACCESIBLE THROUGH ASA

Manjunatha Jayaram
Level 1
Level 1

‎10-15-2007 12:40 AM - edited ‎03-11-2019 04:25 AM

Hi,

I am facing a peculiar issue that is when i try accessing a particular driver site of hp, the page is not getting displayed.My PC passes thru the ASA running 7.2.3 version which then has a next hop router to the internet.I did face the same problem for many other sites but got resolved after i applied the tcp mss based commands menioned below.

------------------------------------------

tcp-map mss-map

exceed-mss allow

access-list http-list extended permit ip any any

access-list http-list extended permit tcp any any

class-map http-map1

match access-list http-list

policy-map http-map1

class http-map1

set connection advanced-options mss-map

service-policy http-map1 interface outside

----------------------------------------

But this driver site of hp alone is not accesible.When i place my pc above the firewall with the gateway directly as my router it works fine.Please let me know if there is some way out to resolve this problem.

Regards...Jithesh

Labels:
0 Helpful
4 Replies 4

Manjunatha Jayaram
Level 1
Level 1

‎10-15-2007 11:43 PM

Hi,

Can some one help me get some output for the problem that am facing.

regards,

Jithesh

0 Helpful

cmcbride
Level 1
Level 1
In response to Manjunatha Jayaram

‎10-17-2007 03:43 PM

Does this ASA have a CSC module installed and configured in it?

0 Helpful

Manjunatha Jayaram
Level 1
Level 1
In response to cmcbride

‎10-18-2007 05:41 AM

No there is not csc module installed in it.Could you guess some other reasons for this problem to have happened.

regards...JIthesh

0 Helpful

rehan-arif
Level 1
Level 1

‎10-01-2024 06:09 AM

It seems like the issue is likely related to the ASA (Adaptive Security Appliance) or the MTU (Maximum Transmission Unit) mismatch. The TCP MSS (Maximum Segment Size) command you applied helped resolve other site issues, but this specific HP driver site might still be causing problems due to a different packet size or network configuration.

Here are a few suggestions:

  1. Adjust the MSS value: Try lowering the MSS value further in your TCP map. For example:
    sysopt connection tcpmss 1360

  2. This reduces the MSS size, which could help resolve issues with certain websites.

  3. Check for Content Inspection Issues: Ensure that there is no content inspection, filtering, or IDS/IPS blocking the traffic to the specific HP driver site.

  4. Disable HTTP Inspection: If HTTP inspection is enabled, you can try disabling it as it may cause issues with certain websites.
    no inspect http

    1. Firewall Logs: Check your ASA logs for any dropped or denied traffic to the HP site.

    2. MTU on Router: Ensure that your router’s MTU settings are appropriate for internet traffic and not fragmenting packets beyond what the firewall can handle.

    If none of these steps help, the issue might be more specific to how the ASA handles certain types of traffic, and further diagnostics would be required.
    check the following for more ease

     

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card