New Member

Re: Ask the Expert:Configuring, Troubleshooting & Best Practices

Hello Jonan,

you indicate "Port  443 is opened " the Cisco ASA do NOT inspect this particular SSL port.

Have you check the output of the following cli command:

packet-tracer input outside tcp "internetsourceipaddress" 44444 "exchangeserveripaddress" 443 detailed

show service-policy flow tcp host "internetsourceipaddress" host "exchangeserveripaddress" eq 443

show service-policy

Regards