cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
5265
Views
0
Helpful
1
Replies

Proxy inspector drop reset

Richard Dumag
Level 1
Level 1

Outside users with certain public ip addresses are not able to access our website.  Below is a log from our ASA 5550 8.2(5)  on one of the clients that's being dropped.  Packet trace result shows that the outside public addresses are allowed. 

We do have a TAC case open but wanted to also check the forum if anyone had ran in to this issue before.   Any comment is appreciated.

                  

4              Dec 19 2012        15:40:15               507003  xxx.xxx.x.2     23348    xxx.xxx.88.1       80           tcp flow from outside:xxx.xxx.xxx.2/23348 to DMZ:xxx.xxx.xx.1/80 terminated by inspection engine, reason - proxy inspector drop reset.

1 Reply 1

Kureli Sankar
Cisco Employee
Cisco Employee

This looks like port 80 traffic. Do you have http inspection enabled? If so, you can try to remove http inspection and see if the client is able to load the website hosted behind the ASA.

conf t

policy-map global_policy

class inspection_default

no inspect http

-Kureli

https://supportforums.cisco.com/community/netpro/expert-corner#view=webcasts

Upcoming Live Webcast in English: January 15, 2013
Troubleshooting ASA and Firewall Service Modules

Register today: http://tools.cisco.com/squish/42F25

Review Cisco Networking for a $25 gift card