01-08-2013 08:03 AM - edited 03-11-2019 05:44 PM
Hello
We have a problem with some websites being blocked every now and then. Everyone inside can access this external website for weeks, and then suddenly it's not available for a few hours, and then it comes back. All without me making any changes to the firewall, ASA5510. The external website that has nothing to do with us can be accessed from anywhere outside our network, for example on my iPhone through Verizon.
We have not set up any rules about blocking websites, all I found was the Default Service Policy. After backing up and then deleting the rule we are able to access all sites.
So, is it ok to not have a Default Service Policy?
Thank you
/Mats
01-08-2013 08:12 AM
Hi,
Do you mean that you have "inspect http" configured and then remove it to avoid the problem accessing the site?
While it's enabled, have you tried to use the command "show service-policy inspect http" to see if there are any drops/reset-drops?
Here are some links related to the "inspect http" (ASA 8.2)
http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/inspect_basic.html#wp1514315
http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/i2.html#wp1735782
At least in some software version the "inspect http" is disabled by default.
- Jouni
01-08-2013 08:13 AM
Deleting this service-policy will break other functionality and is not the way to solve that problem. Better investigate why from time to time these problems arise. If you think your firewall is involved, start with an ASA-Update to a more recent software.
--
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni