Ironport WSA shows our customised blocked page if any user try to access a site which not allowed in access policies.A small problem here is that ,it even shows the blocked page when user type a url wrongly.As soon as user see this,they feel that the site is blocked.
Any parameter need to change to resolve this issue?.
Agreed. A more detailed explaination of how the identity and the access policies are setup would help. My bet is that, under that access policy, you have everything set to deny and are using a custom category to specify allowed URL's.
Or is it possible you're using End User Notification Pages and your users are mistaking the DNS failure notification for the site being blocked? I know we've had to deal with plenty of calls where this was the case - we use our own custom corporate logo embedded on notification pages so as soon as users see this they assume we're blocking the site.
I've since amended the default ERR_DNS_FAIL file on our s660s to contain additional wording - basically stressing users check their typing/ensure they have the correct address before logging calls with our IT Help Desk. Of course we still get the calls!
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...