ASA and URL-Filtering

dtjacob
Level 1

I have recently deployed two ASAs in Active/Standby failover mode. When a user goes to a site such as hotmail.com, the connection appears to be blocked, generating the syslog messages below.

Sep 17 13:12:19 gateway-fw-i %ASA-5-304002: Access denied URL SRC 10.X.X.X DEST 207.46.8.249 on interface inside

Sep 17 13:12:20 gateway-fw-i %ASA-6-302014: Teardown TCP connection 1807606 for outside:207.46.8.249/80 to inside:10.X.X.X/1847 duration 0:00:03 bytes 1393 Flow closed by inspection

However, hitting F5 seems to bypass the filter. Has anyone seen this issue before? The url server is Websense and the filtering config is listed below.

url-server (inside) vendor websense host 10.x.x.x timeout 30 protocol TCP version 4 connections 25

url-cache dst 128

filter url http 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 allow

filter url 443 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 allow

url-block block 128

The code is Cisco Adaptive Security Appliance Software Version 7.0(6)

1 Reply

tstanik
Level 5

This problem may appear because of the URL getting truncated. Add the following statement to your URL filtering statements:

filter url http 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 allow longurl-truncate
