Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2684
Views
0
Helpful
6
Replies

WSA problem accessing two webs

Jesus Cano Villar
Level 1
Level 1

‎04-21-2017 02:15 AM

hi,

We are having problem accessing to two of our webs. Doing a packet capture in the client machine we see the error 504, and doing pcap in the WSA we see the error 404. If we bypass the proxy both webs are working. We dont see any drops in FWs.

Where could it be the cause for this problem??? 


Product: Cisco S170 Web Security Appliance
Model: S170
Version: 10.1.0-204

Labels:
0 Helpful
6 Replies 6

syeda3
Level 1
Level 1

‎04-21-2017 05:31 AM

Please see the below troubleshooting urls for WSA for gateway timeout.

http://www.cisco.com/c/en/us/support/docs/security/web-security-appliance/118079-troubleshoot-wsa-00.html

http://www.cisco.com/c/en/us/support/docs/security/web-security-appliance/118217-troubleshoot-wsa-00.html

0 Helpful

Jesus Cano Villar
Level 1
Level 1
In response to syeda3

‎04-21-2017 05:55 AM

I saw all these notes and i opened a TAC case. TAC closed ticket because in the pcaps the error was 504 so the problem is in another intermmediate device. But after this, we bypass the WSA and its working fine. Three-way handshake is done properly between WSA and server, but when WSA sends GET we dont see any respond. So its seems like its not a connectivity problem.

Where could it be the cause for this problem??? 

0 Helpful

Tim Glen
Cisco Employee
Cisco Employee
In response to Jesus Cano Villar

‎04-21-2017 10:08 PM

Typically when troubleshooting an issue like this a network diagram that shows MAC & IP addresses is needed in order to understand what is being seen in the PCAP.

trying to ping the web site,  if your WSA is replying to the PING request the Layer 4 Traffic Monitor may be blocking the website,  not the URL filter.   

0 Helpful

Jesus Cano Villar
Level 1
Level 1
In response to Tim Glen

‎04-24-2017 12:11 AM

ping is not allowed in this server but running a GET from WSA i get response.  I checked  Layer 4 Traffic Monitor and its disabled.

0 Helpful

Sriram Subramanian
Cisco Employee
Cisco Employee

‎04-24-2017 07:45 AM

The URL Category or Web Reputation Score in Access Policies / HTTPS Descryption Policy could be flagging the website you are accessing to be blocked. You could try creating a whitelist in the URL Category and applying it to the access policy to allow or pass through in HTTPS Descryption Policy.

0 Helpful

Jesus Cano Villar
Level 1
Level 1
In response to Sriram Subramanian

‎04-25-2017 01:14 AM

We dont have any Decrypt policy. We tried that with no success :(

0 Helpful
Customers Also Viewed These Support Documents