PIXOS 7.2(1) blocking web traffic?

Clients on our LAN access websites using web proxy servers. One website (that is accessible from other LANs) does not work either through the proxy or directly.

I can see conns (state table entries) between the clients and the site but no I flag to show inbound data:

TCP out 208.111.4.7:80 in 10.10.2.17:2747 idle 1:44:44 bytes 920 flags UfO

TCP out 208.111.4.7:80 in 10.10.1.194:43022 idle 1:15:06 bytes 1038 flags UfO

The firewall rules allow access to any website.

Has anyone had similar issues with their firewall? Can anyone advise me on how to check if the firewall is filtering return traffic from the website?


Re: PIXOS 7.2(1) blocking web traffic?

If your firewall is permitting you to set up connections to websites on port 80, you're fine; your firewall would not block return traffic.

Post your configuration. One suggestion: upgrade to 7.2.2.

HTH

Hoogen


Re: PIXOS 7.2(1) blocking web traffic?

The flags in the above connections are showing that a "FIN" has been sent by the host on the inside.

f - inside FIN

Need to find why the inside client is sending a FIN for the connection. Configuration and syslogs will help.

Regards,

Vibhor.
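
An added illustration, not part of the thread or of any poster's reply: this Python sketch parses `show conn` lines like the ones quoted in the question and decodes the flags discussed above, listing connections that carried outbound data with no inbound data. The function names and the third sample line are constructed for the example, and only the U, f, F, I and O flags are handled.

```python
import re

# Subset of PIX/ASA "show conn" TCP flags relevant to this thread.
FLAGS = {"U": "up", "f": "inside FIN", "F": "outside FIN",
         "I": "inbound data", "O": "outbound data"}

CONN_RE = re.compile(
    r"^(?P<proto>TCP|UDP)\s+out\s+(?P<outside>\S+)\s+in\s+(?P<inside>\S+)"
    r"\s+idle\s+(?P<idle>\S+)\s+bytes\s+(?P<bytes>\d+)\s+flags\s+(?P<flags>\S+)$")

def parse_conn(line):
    """Return a dict for one conn-table line, or None if it does not match."""
    m = CONN_RE.match(line.strip())
    if not m:
        return None
    conn = m.groupdict()
    conn["bytes"] = int(conn["bytes"])
    return conn

def decode_flags(flags):
    """Map each flag letter to its meaning; unknown letters are kept visible."""
    return [FLAGS.get(ch, "unhandled flag %r" % ch) for ch in flags]

def diagnose(conn):
    """Summarise what the firewall observed for this connection."""
    flags, notes = conn["flags"], []
    if "O" in flags and "I" not in flags:
        notes.append("outbound data only, no inbound data seen by the firewall")
    if "f" in flags:
        notes.append("inside host closed the connection (FIN)")
    if "F" in flags:
        notes.append("outside host closed the connection (FIN)")
    return notes

def one_way_conns(text):
    """Connections that carried outbound data but no inbound data."""
    conns = filter(None, (parse_conn(l) for l in text.splitlines()))
    return [c for c in conns if "O" in c["flags"] and "I" not in c["flags"]]

# First two lines are from the question; the third is constructed for contrast.
SAMPLE = """\
TCP out 208.111.4.7:80 in 10.10.2.17:2747 idle 1:44:44 bytes 920 flags UfO
TCP out 208.111.4.7:80 in 10.10.1.194:43022 idle 1:15:06 bytes 1038 flags UfO
TCP out 192.0.2.10:80 in 10.10.2.17:2750 idle 0:00:05 bytes 48211 flags UIO
"""

if __name__ == "__main__":
    for conn in one_way_conns(SAMPLE):
        print(conn["inside"], "->", conn["outside"], decode_flags(conn["flags"]),
              diagnose(conn))
```

A connection that shows `O` without `I` means the firewall passed the client's request and saw nothing come back, which points the investigation at the path beyond the firewall or at the server rather than at the access rules.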


Re: PIXOS 7.2(1) blocking web traffic?

Thanks for the replies. I am upgrading to 7.2(2). The inside clients FIN'd the connections as there was no INBOUND data received from the webserver. The website admin has informed me that they are having some DNS problems that may be the cause.
