cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2184
Views
0
Helpful
2
Replies

HTTP Error 403

sridharbabus
Level 1
Level 1

Hi,

I'm using cisoc-ASA-software version 8.4 and smartfilter. i'm getting "HTTP Error 403 - Forbidden" with below situation.

1) when smartfilter blocks the client url request and sent a block page to the asa box, asa box should forward this to client browser. but asa box sending

"HTTP Error 403 - Forbidden" error message to client browser.

reason may be, block page is exceeding the limit of 3072 bytes.

2) because of this reason, smartfilter is encoding the block page into gzip or deflate and sent to asa box. now the block page size is with in the limit.but in this case also cisco asa is sending it's own error message of , "HTTP Error 403 - Forbidden".

Please help me to configure the cisco -asa  such way that it should forward the block page as it is from smartfilter.

Thanks

Sridhar

2 Replies 2

lcambron
Level 3
Level 3

Truncating the URL might help. You may want to give this a try.

filter url longurl-truncate

http://www.cisco.com/en/US/docs/security/asa/asa81/config/guide/filter.html#wp1042559

Regards,

Felipe.

Thank you for the reply.

Above configuration i working fine, when CISCO ASA receives a long url. But my cases when  ASA sending its own erro message when it receives a zgip  or deflate encoded  html page.

Smartfilter supports two modes.

1) in one mode, if smartfilter should block the incoming request then it will send back a block page url to the asa box.

in this case no problem.

2) second case it should send a block page or redirect page (not url) to asa box, if the page size is more than the limit, it will encode into gzip or deflate and then sent  to ASA.

This case it ASA sending its own error message as follows

HTTP Error 403 - Forbidden

You do not have permission to access the document or program you requested.

Thanks

Sridhar

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: