Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
712
Views
0
Helpful
3
Replies

NAT and SSL certs in local browser

john.cunningham
Level 1
Level 1

‎03-08-2010 08:17 AM

Currently all our internal addresses translate to a single external ip addr. We want to break this up for certain segments to have different public addresses. When I test this for myself, I cannot reach the websites. This includes, verisign, secureworks, Ironport support portal. Bank is OK. When I remove the dynamic nat off the ASA, all is fine again. Web traffic, because it comes from non spoofed proxy address, should not have changed. The access logs don't show the site is ever accessed. I don't know for certain this is Ironport related but I do have HTTPS proxy enabled. 6.3.3. Let me know if anyone has seen similar. Thanks much. jc

Labels:
0 Helpful
3 Replies 3

john.cunningham
Level 1
Level 1

‎03-08-2010 08:20 AM

Clarification, I cannot reach websites where I have a user certificate installed for access, expect Ironport support site.

0 Helpful

john.cunningham
Level 1
Level 1
In response to john.cunningham

‎03-08-2010 08:26 AM

We use WCCP at core switch to route users to S360. HTTP and HTTPS in acl.

0 Helpful

khoanguy
Level 1
Level 1

‎03-10-2010 01:21 PM

This question was answer in customer support, further troubleshooting might be needed on the network/fw side.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents