Unable to reproduce some streaming videos from Akamai behind WSA S670
In my organization we have an Ironport S670 version 7.5.2-304 and I´m unable to reproduce some stream videos hosted in Akamai. It´s an odd situation because I could not find way to by-pass this restriction. Not all Akamai videos are experiencing the issue, but if I don´t use Ironport they all work fine. As it´s very difficult to detail the behavior, I´d like to ask you to test in your own environment if you can.
Verifying results in Firebug, I also can see this:
"[ERROR] time 17:00:04.964 :: 201, Unable to load stream or clip file, , clip: '[Clip] 'http://cers10hds-vh.akamaihd.net/z/account/869/1/2015-01-17/video/f643ab4351111f5bc4b73d41d6788170/VIN_2974_121814_LEG_PEN_ESP_PCJ_2015_LEIS_CRIME_HED_AULA01_PtI_OK_240p.mp4/manifest.f4m?hdnts=st=1422384953~exp=1422386033~acl=/*~hmac=5b5b8956f3b3a130accc6bc11a871049f9b1c57af78e9d74263db8f906984a6c''"
I´ve created an Identity to my entire network (without authentication), defined a custom URL category with the adresses "akamaihd.net", "cers.com.br" and "liquidplatform.com" (I found the last one in firebug) and created a specific policy allowing this Identity, but the 403 error stills happening and the video does not reproduce.
If you have any idea or suggestion, I'd really appreciate that.
It will not be allowed with WSA or without WSA and getting access denied from the web site it self. This is due to the streaming video in that page is per segment (in regards to the stream traffics) and using some sort of manifest and to play the full video, it will need the rest of the manifests.
Below is from the WSA logs, if you just accessing that link (similar that you are getting):
Cisco Champion Radio · S7|E37 Business Resiliency for your Workforce and Workplace
Today, organizations are facing changes so large, so fast, and so many—seeing acceleration of already established trends as well as unprecedented disruption—that’s making ...
Hello,i have a N5k-k5548up-af and i have a acl for trusted network which is attached to line vty and to my uplinks interface, and i have around 250 interface vlan and my interface vlans can reach bgp port or snmp port, is there nayway that tune copp to pe...
This event had place on Tuesday 22nd, Septemberat 10hrs PDT
Omar Santos is an active member of the cyber security community, where he leads several industry-wide initiatives and standards bodies. His active role help...
Cisco Defense Orchestrator (CDO) is a cloud-based, multi-device manager that manages security products like Adaptive Security Appliance (ASA), Firepower Threat Defense next-generation firewall, and Meraki devices, to name a few.
We make improvement...
There has been a lot of grey area when one needs to get started with ISE or when one does not have any specific background.Could you please guide me to what are the thing that one needs to know inside out and what are the things which require only a minim...