cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
1067
Views
0
Helpful
4
Replies
Highlighted
Beginner

WSA access policy issue

I have a user that has an access policy applied to them to be allowed access to the URL category Job Search. When I do a policy trace, it comes back with transaction permitted, but is still getting the Block page stating that they are not allowed: Block - URL Cat. When I look at the access logs in the CLI, I find this (internal IP address and username changed and striked through):

1448294967.774 1 999.999.999.999 TCP_DENIED/403 0 GET http://www.indeed.com/ "username" NONE/- - BLOCK_WEBCAT_12-DefaultGroup-NALAD-NONE-NONE-NONE-NONE <IW_job,3.4,-,"-",-,-,-,-,"-",-,-,-,"-",-,-,"-","-",-,-,IW_job,-,"-","-","Unknown","Unknown","-","-",0.00,0,-,"-","-",-,"-",-,-,"-","-"> - Auth SSO_TUI - ID = 46578059 "23/Nov/2015:10:09:27 -0600", User Agent "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"

I don't know where the TCP_Denied/403 is coming from.

4 REPLIES 4
Highlighted
Beginner

The user was not hitting theiur appropriate access policy. Restarting the proxy services fixed the whole issue.

Highlighted

Thanks for reaching out,  This is documented as following software defect:

https://tools.cisco.com/bugsearch/bug/CSCuu49389

Fix is available now, with the version 8.5.3 build,  Please open a TAC case (with the serial #) so we can provision the release for your Appliance.

Regards,
Zack

Highlighted

Looks like I'm having the same issue on version 8.8.0-085

Highlighted

Just wanted to confirm, that this is the same issue, and Kicking or restarting the proxy service was the fix.

Content for Community-Ad