Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1704
Views
0
Helpful
1
Replies

SFR requested to drop TCP packet - (leading to website denied)

OR81
Level 1
Level 1

‎10-06-2022 07:56 AM - edited ‎10-06-2022 07:58 AM

Hi everybody.

I manage an ASA5525-X with ASA Firepower. I have to ay that this is the first time I had to manage an ASA with firepower included. I have to allow a website that's being blocked (legitimate website) but I don't know where is the right place. I have added a rule to allow the destination IPv4 address on ASA Firepower Configuration/Access Control Policy/Rules but it doesn't work. I need to learn more about this but for now I need to unblock this as soon as possible. Also I found the below log looking at the live logs but from ASA Firepower monitoring couldn't see anything. (This is an integrated FTD module on the ASA). I'm running ASA 9.14(1)30 with ASDM 7.14(1).

SFR requested to top TCP packet from inside:xx.xx.xx.xx/5756 to Outside:xx.xx.xx.xx/443

 

Any help is appreciated since I need to correct this, then I can take the time to learn more.

 

0 Helpful
1 Reply 1

Kasun Bandara
VIP
VIP

‎10-06-2022 10:16 PM

you need to check firepower traffic logs. not ASA live logs. firepower traffic logs will show exact firepower rule which affecting to this web site and you can update firepower rule accordingly. since log says, SFR it blocking the traffic, you need to edit firepower rules. not ASA ACLs.

Please rate this and mark as solution/answer, if this resolved your issue
Good luck
KB
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card