Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA 5510 HTTPS Filtering Bog Down

I am running a Cisco ASA 5510 with Trend Micro Interscan. We have it set up to filter https except for a handful of sites. It is filtering the ones we don't want ie: facebook, and youtube. Though it is causing all other https to slow to a crawl. Therefore some sites it times out on us. What should we be looking for to change so it isn't slowing the allowed sites down?

Version numbers

ASA - 8.4(3)

ASDM - 6.4(3)

Trend - 6.6.1125

1 REPLY
Cisco Employee

ASA 5510 HTTPS Filtering Bog Down

Hi Ron,

A couple of basic things to check:

1. The ASA's inspection policy should not be configured to match traffic from the CSC module's management IP address

2. The policy should also not match any traffic other than the protocols you want to filter

3. None of the CSC module's debug logs should be enabled

4. The ASA should not send more traffic to the CSC module than it can handle:

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/prod_white_paper0900aecd805c3cd6.html

If the above suggestions don't help, I would suggest opening a TAC case to have this investigated further.

-Mike

448
Views
0
Helpful
1
Replies
CreatePlease to create content