Unable to connect to a specific URL through WSA despite of having included into the whitelist - Cisco Community

1790

Views

0

Helpful

1

Replies

Hi!

I am trying to allow access to a web page which domain is "https://xxxxx/xx/portal.htm".

I have already included it into the custom and external URL Categories, but still cannot connect to it.

We use proxy and also included into the bypass proxy server local address.

However out of the WSA network, I am able to get into the web page. Additionally, this URL resolve with "https" although it is typed with "http.

Something that may be important to know is that the URL belongs to Business and industry categorization and that it have to be blocked according to our needs. Also, there is a subordinated certificate in order to connect to https web pages.

Please let me know what It's missing

Thanks in advance

1 Reply 1

Hi,

Recommend to take packet capture from client and WSA (capturing client and server side connections) at the same time to see where the issue is.

Also take accesslogs from WSA as well to see if the HTTPS traffic being decrypted or passthough and also the HTTP code for the traffic (such as 200, 403, 504, etc).

If the website has intermediate certificate and that certificate is not in WSA trusted certificate store, you will need to import that certificate to WSA certificate management from the GUI for WSA to trust it.

Learn, share, save

Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.

New here? Get started with these tips. How to use Community New member guide

Log in to Community