I have a dual failover two ASA 5520 scenario that we are using for firewall purposes. I have the URL filtering set up on these ASAs, which are currently filtering HTTP traffic without any problems. However, when it comes to HTTPS... that's a whole other story. For some reason I can't get the ASA to send HTTPS traffic to the Smartfilter server.
ASA version = 8.2(1)
Smartfilter version = 4.1.1
Initially, before starting this endeavor, we were on a Cisco PIX failover scenario using version 7.1. I had contacted TAC and they explained that we had to upgrade in order to resolve this problem. Therefore, I removed the PIXes completely and put in the ASAs with 8.2(1) on them, thinking this would fix the problem. Nope!
I also contacted McAfee, new owner of Secure Computing, which owns Smartfilter, and they advised that version 4.1.1 supports HTTPS filtering and it has to be something with the firewall.
Upon further investigation I did a 'show url-server stat' and noticed that I'm not sending any HTTPS requests to the filter.