Hi,
I've received following log when trying to deploy patch.
1342508764.401 99 192.168.30.28 TCP_MISS/304 323 GET
http://crl.microsoft.com/pki/crl/products/WindowsPCA.crl
- DIRECT/crl.microsoft.com application/pkix-crl ALLOW_WBRS_11-SCCM_MSS-SCCM_MSS-NONE-NONE-NONE-DefaultGroup <C_Auth,6.9,"-","-",-,-,-,"-","-",-,-,-,"-","-",-,"-","-",-,-,IW_comp,-,"-","-","Unknown","Unknown","-","-",26.10,0,-,"-","-"> - 124.124.40.11 80 "Microsoft-CryptoAPI/6.1" -F
1342508764.497 87 192.168.30.28 TCP_MISS/304 323 GET
http://crl.microsoft.com/pki/crl/products/microsoftrootcert.crl
- DIRECT/crl.microsoft.com application/pkix-crl ALLOW_WBRS_11-SCCM_MSS-SCCM_MSS-NONE-NONE-NONE-DefaultGroup <C_Auth,6.9,"-","-",-,-,-,"-","-",-,-,-,"-","-",-,"-","-",-,-,IW_comp,-,"-","-","Unknown","Unknown","-","-",29.70,0,-,"-","-"> - 124.124.40.11 80 "Microsoft-CryptoAPI/6.1" -F
Please assist to resolve this error.
Thanks & Regards,
Dhaval Dikshit
I do not see this causing any block. What I do see is that we are saying that nothing has changed with the "304". "304" means "Not Modified". This is usually the response from the server when the browser asks about whether the items stored in cache have been updated.
1342508764.401 99 192.168.30.28
TCP_MISS/304
323 GET http://crl.microsoft.com/pki/crl/products/WindowsPCA.crl
- DIRECT/crl.microsoft.com application/pkix-crl
ALLOW_WBRS_11-SCCM_MSS-SCCM_MSS-NONE-NONE-NONE-DefaultGroup
At no point in either of these items do I see a block. I would recommend looking for 504 or 403.
Christian Rahl
Customer Support Engineer
Cisco IronPort - Web Security Appliances
Cisco Technical Assistance Center RTP
United States Ironport: 1-877-641-IRON (4766)
Hi Dhaval,
What happens when you try to download the patch ? Also have you set up a No Authentication Access Policy, No Authentication identity based on your network subnet and added a custom URL containing microsoft.com, .microsoft,com to the No Authentication identity ? Also if you have what areyou doing with the traffic ? Example Monitor or Allow ?
Sincerely,
Erik Kaiser
WSA CSE
WSA Cisco Forums Moderator
Hi Erik / Christian,
I configured No Authentication Access Policy and added custom URL containing Microsoft sites. And that traffic monitor.
Thanks & Regards,
Dhaval Dikshit
Hi Dhaval,
Was this already configured before you had this issue or did you just configure based on our recommendations ?
Sincerely,
Erik Kaiser
WSA CSE
WSA Cisco Forums Moderator