Can't access any HTTPS websites from inside

Cameron.Carlson · ‎05-23-2018

I have 3 VLANs setup on two of the VLANs I can not access any https website. HTTP working fine and so does icmp.

VLAN 10, 14, 16

I have an ASA 5520, 2901, Autonomous AP and 3560g sw

I have 3 SSID on the AP.

10 for Management

14 for users

16 for Guest

Modem to ASA

ASA to Switch

Switch to Router

Switch to AP

10 and 14 go to the router, 16 goes straight to the asa

16 can access all websites

10 and 14 can not.

I have a local DNS on site, with Google public as a secondary.

I did try setting a static DNS on my network IF on my computer and flushed the cache. It made no difference.

SH Run of ASA,Router,and switch are attached.

If anyone has any idea, please let me know.

Julio E. Moisa · ‎05-24-2018

Hi,

Please let me see the files, you want to reach public https websites? what is the source network?

>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<

Cameron.Carlson · ‎05-24-2018

The files are all attached, are they not view-able?

Every Vlan Source is different. And yes, public websites.

Dennis Mink · ‎05-24-2018

if your vlans 10 and 14 can access http or other public IP addresses, its obviously not a routing issue and I would look at your ASA first.

use the packet tracer tool on the ASA and simulate traffic from vlan 10 and 14 to any public up on destination port 443 and see if it gets blocked.

Please remember to rate useful posts, by clicking on the stars below.

Cameron.Carlson · ‎05-25-2018

VLAN 10 and 14 are the only two that hit the router and then route out to ASA and then to internet.

VLAN 16 goes straight to ASA and then straight out.