Cisco Support Community
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

When using urlfilter web server becomes unavailable

Remote Location (DET) has a vpn tunnel built to our main location (ML) where our websense server sits.

This is the websense configuration that is in place on DET. DET local LAN is

    access-list 50 permit any log
    ip inspect name websenseinternet http java-list 50 urlfilter
    ip urlfilter urlf-server-log
    ip urlfilter server vendor websense
    ip urlfilter allow-mode on

    Interface FastEthernet0/0.1
    ip inspect websenseinternet in
    ip inspect websenseinternet out

There is a web server (actually its a ups snmp adapter that runs a webserver) that I need to get access to ( If the websense configuration is running I am unable to access the web server. If the commands are removed, I can access the webserver no problem.

Any ideas?

Cisco Employee

Re: When using urlfilter web server becomes unavailable

Can you please provide a better understanding of the topology that we are dealing with here?  As you describe above, this webserver/snmp adapter resides across the VPN tunnel - at the DET location - correct?  What is the VPN tunnel access-list?  From where are you trying to access this server?  Are you getting any syslogs?

If it isn't already there, please enable 'ip inspect log drop-pkt' on the DET device, as well as the local device.  After attempting to access the snmp adapter, gather the output of 'show log | inc FW'.  Do you receive any other syslogs at the time of the issue on either router?  Have you tried disabling firewall (CBAC) while leaving Websense enabled? Do you get any syslogs on the Websense server?

Any information that you can provide relevant to the topology and/or syslogs that are generated at the time of the failed access is greatly appreciated.

Best Regards,


CreatePlease to create content