Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
568
Views
0
Helpful
0
Comments

The user is unable to view Java pages in Cisco Adaptive Security Appliance (ASA) 5510

TCC_2
Level 10
Level 10

‎06-22-2009 06:12 PM - edited ‎03-08-2019 06:27 PM

Core issue

This problem usually occurs when inspect http is enabled, and there is a problem with the allowed maximum segment size.

Resolution

To resolve this issue, perform these steps:

  1. Disable inspect http.
     
  2. Issue these commands in the ASA configuration:

    (config)# access-list web-out permit tcp any any
    (config)# class-map web-out
    (config-cmap)# match access-list web-out
    (config-cmap)# exit
    (config)# tcp-map mss-map
    (config-tcp-map)# exceed-mss allow
    (config-tcp-map)# exit
    (config)# policy-map global_policy
    (config-pmap)# class web-out
    (config-pmap-c)# set connection advanced-options mss-map
    (config-pmap-c)# exit
    (config-pmap)# exit
    (config)#service-policy global_policy global
    (config)# wr

For a detailed description of these commands, refer to Cisco Security Appliance Command Reference, Version 7.2.

Problem Type

Troubleshoot software feature

Product Family

ASA Hardware & Software


Labels:
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents