I'm looking for some guidance on a problem i'm facing with Ironport. Our external company website has a flash clock widget that loads 8 different timezones. Depending on the website page you visit it may only load 6 of the 8 clocks. The problem is not consistent per user, so for example I may visit a certain page and get 5 out of 8 clocks but another user may visit the same page and get all 8.
When I look through the logs in Ironport I get the following message for the clocks that do not appear: TCP_MISS/403 611 There are no other blocks showing against the Access Policies set in Ironport so i'm lost as to why this is being forbidden (403) Any help would be gratefully appreciated.
You will need to grep for the access logs while testing this application. What your looking for are requests made by the application which are being blocked by your access policies hence the 403 that your already seeing in the access logs. Once you have determined the URLs being requested by the application add those URLs to a custom URL category: WSA GUI -> Web Security Manager -> Custom URL Category -> submit -> commit your changes. You will also need to add this custom URL category to a No Authentication Access / Identity which will also contain a No Authentication Identity. Usually in this scenario you will already have a default No Auth Identity based on your class of network A,B,C created with a Custom URL Category already directly associated to that identity. This type of Access Policy , Identity, Custom URL Category is designed for applications , Operating system updates etc...
WSA Cisco Forums Moderator
We are happy to share changes to the Cisco Threat Grid support experience! Our customers have spoken, and we have listened! You want a single, streamlined, easy to access tool to open, view, and update your cases across Cisco Services. That tool is Cisco’...
Where can I find out how to integrate my Cisco products with Threat Response?
There are quick start guides and instructional videos to help you get set up with your Cisco products and the Cisco Threat Response platform.
Inviting all Security & Networking professionals! We want you to tell us what devices you use to do your work and its screen resolution. Your response will help us improve network and security management tools.
Click here to take the 5-minute s...
This guide is intended to show some nifty and powerful use cases that a lot of customers either want or don’t know they want. There are tons of other content out there for specific knobs or capabilities, but this is looking to be a more complete...