Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

The Internet traffic to the Websense server gets blocked by the PIX/ASA firewall configured with the url-block block command

Core issue

This issue is due to the presence of Cisco bug ID CSCse55931.

This problem occurs when the firewall is configured to filter URLs through Websense or N2H2 and has the url-block block command enabled, then available 1550 byte blocks can deplete. This results in a disruption of communication between the firewall and the Websense server.

When this issue occurs, the PIX/ASA firewall does not send the URL Lookup_Request or Status_Request to the Websense server, which results in HTTP traffic blockage.

Resolution

In order to resolve this issue, disable the url-block block command.

The url-block block < block_buffer > command creates an HTTP response buffer in order to store web server responses while it waits for a filtering decision from the filtering server. The permitted values range from 1 to 128. This specifies the number of 1550-byte blocks to use.

This issue is fixed in PIX/ASA firewall version 7.2(2) and later, which can be downloaded from the Software Download Center.

Version history
Revision #:
1 of 1
Last update:
‎06-22-2009 04:06 PM
Updated by:
 
Labels (1)