PIX inspect http problem

Unanswered Question
Oct 19th, 2007

WE have our PIX version 7.2(2) using http inspection and set to drop protocol violations. The problem is, that it drops the Microsoft Updates. Anybody have an idea how to allow the MS Updates to work while still using the inspect http policy.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
JORGE RODRIGUEZ Fri, 10/19/2007 - 09:00

George, I believe you would have to work with creating policy and class-map to classify certain traffic, by default global policy does not inspect http but since you have altered this you would need to create a policy whereby you can apply acl to allow certain http traffic to not be ispected.

I have not done this as we have websence for filtering http but have read about it, if someone can point a good link that will be great or if there is any other way to do it.. if I find a good example link I will posted.




This Discussion