cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1058
Views
5
Helpful
4
Replies

wsa doesn't show the EUN page on google chrome but show it on IE and Firefox

Ismael10
Level 1
Level 1

Hello community,

we just deployed Cisco WSA physical appliance in our network. We configured a lot of rules, everything seems OK unless the EUN page that doesn't work on google chrome. Note that for the same page, IE and firefox show the EUN.

Thanks in advance

4 Replies 4

shgrover
Cisco Employee
Cisco Employee

Hello Ismael,

Could you please tell me what happens, do you get any errors?

The URL's that you are talking about are they HTTPS or http ?


Do you have differnet policies for IE and Chrome browser?

For the browsers to display the EUN, the https traffic must be decrypted. if its being displayed on IE, I wonder if you have differnet policies for these browsers.

If https traffic is being decrypted, The browser must trust the WSA cert.

Do you have an explicit or Transparent set up? (PAC file/IP -hostname on the browser OR WCCP)

If you have wccp set up, can you also try if the EUN page is diplayed when it is explicit?

At the end if you dont find any other differences between settings for IE and chrome then I would suggest you to choose a URL for which IE diplays an EUN page and Chrome doesn't.
collect access logs and packet captures and we can find out if there is a difference between the 2 scenarios.

 

Regards

Shikha Grover

PS: Please don't forget to rate and select as validated answer if this answered your question

Hello Shika,

 

THank you for your response.

It is an https site, I apply a decryption policy with decrypt action set and an access policy with block action set. As an example, for twitter, I get this :

wsa_chrome.PNGwsa_ie.PNG

Same policy for IE and Chrome also

Hello,

 

It seems like chrome doesnt recognize the WSA certificate. Its weird because chrome and IE both use the same settings and I believe the same cert store as well.

 

Please add the WSA cert to the trusted CA store again.

collect accesslogs when you access "twitter.com". Also, check that chrome is not redirecting to "https://www.twitter.com" while IE does redirect. try to explicitly mention " https://www.twitter.com" on chrome and access the page on chrome again and see what happens.

 

Regards

Shikha Grover

PS: Please don't forget to rate and select as validated answer if this answered your question

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: