Unable to access specific web site

Unanswered Question
Jun 24th, 2008

Hello, I hope this is the right place for this topic. I have an intersting problem in that one of the doctors I work for is trying to access another facilities systems. The remote system is available through a specific URL. they are using a "HTTPS://abc.medical.org:port#/EMR" type of url.

We are completely unable to access this web page from inside our facility. outside our firewall we can access the other site just fine.

We are using an ASA5510. I suspect I have something configured or misconfigured to block access to this site. All other web addresses appear to work fine, except this one.

Do I need to modify something to allow traffic going to an HTTPS site on another port?

I'll take any suggestions you all might have.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
rschling22 Tue, 06/24/2008 - 14:02

Can I ping from inside? No! I am unable to ping, sorry I forgot to mention that. I will try to ping from outside the firewall when I get home tonight to verify they actualy do respond though. Thanks!

rschling22 Tue, 06/24/2008 - 18:59

For what it is worth, I did test a ping from my home computer. While I can access the web page from home, the ping does NOT respond at all.

Marwan ALshawi Tue, 06/24/2008 - 20:28

to make ping you need to use this command

permit icm any inside or outside eq echo

and if u want to ping from the asa u need to add echo-reply too

can clearify ur problem in more details

thanks

mohammed_moustafa Wed, 06/25/2008 - 02:09

Hi Dear,

you may have to permit trafic from inside network to HTTPS services, in the access list applied to the inside interface add permit tcp x.x.x.x 255.x.x.x any eq https, sure replace x.x.x.x with your subnet and mask.

if it didn't work make that test and update me with the result: nslookup from your pc in the inside network and quiry the url without https or port number just ABC.organization.com

B.regards,

rschling22 Wed, 06/25/2008 - 06:21

thanks for the suggestions, so far nothing works.

someone asked for me to redifine my problem so here goes.

From inside my hospital network, we are unable to access a remote hospitals system. the remote system has set up a dedicated web address specifically for the physicians (and whoever) to access thier systems remotely.

The remote website uses the format of " HTTPS://imed.remotehospital.org:9443/iMed "

From my home computer I can access the remote web page, but I can not Ping the remote IP address.

From my hospital network, we can NOT access the page, nor ping. however I think they have turned off the ping reply on thier end.

I have been using the Logging feature in my ASA ASDM system to try to monitor what happens when accessing the remote system. I get a syslog entry stating an outbound connection has been built, but the remote web page will not diplay.

I do use other HTTPS websites, and none of them have had any probles so far.

I suspect the problem may be in the :9443 port number on the remote site, but have no idea how to work around it.

I have no settings on my local computers that would prevent this from working, that I know of.

thanks for any and all suggestions

--Mouhammed, I tried the ACL you suggested, no luck. Thanks!

Rob.

Actions

This Discussion