Hi Michaelhttp://www.fir3net

Michael986 · ‎05-28-2014

Hi,

We've recently installed a Pitney Bowes Postage meter which needs to connect to the PB servers to enable it to do whatever it needs to do.

In the documentation, it states that 'The System only supports “chunked” HTTP Transfer Encoding communication'

Does our ASA5510 support this? And if so, how do I check whether it's enabled at the moment?

Thanks

Michael

pantelis1 · ‎05-29-2014

Hi Michael

http://www.fir3net.com/Protocols/http-what-does-transfer-encoding-chunked-mean.html

ASA should be able to support this?Are you doing HTTP inspection? If you do have an IPS on your firewall, you will need to review the relevant IPS signature

http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=5245&signatureSubId=0

Thanks

Pantelis

Michael986 · ‎05-29-2014

Hi Pantelis,

Thanks for the response.

How do I confirm whether or not I'm doing HTTP inspection? I have a 'Service Policy Rule' called 'inspection_default' which has only 'Default Inspection Traffic' selected. Under the 'Default Inspections' tab, 'http' is listed, but under 'Rule Actions', 'HTTP' is not selected. I've no idea whether this means that I am doing HTTP inspection or not.

Is there an easy way to test whether this type of communication is allowed - eg a test website? At the moment the Pitney Bowes device is not connecting, but I have no idea whether it is the 'chunking' or something else that is stopping it.

Thanks

Michael

pantelis1 · ‎05-30-2014

Hi Michael

Example on how to configure HTTP inspection: http://ccnpsecurity.blogspot.co.uk/2011/10/configuring-http-inspection-in-cisco.html

Regarding Testing I guess the best way is to use wireshark and test access to the device via HTTP (traffic should go via the asa)

http://zoompf.com/blog/2012/05/too-chunky

Thanks

Pantelis

HTTP Chunking on an ASA5510