dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
1
share rss forum feed

aryoba
Premium,MVM
join:2002-08-22
kudos:4
reply to HELLFIRE

Re: Burned by IP INSPECT -- My Own Personal Journey

said by HELLFIRE:

@aryoba
Thanks for the advice, will keep it in mind. Like I said in the beginning, nearly ALL HTTP/S traffic I ever ran
with CBAC on didn't have an issue; I don't think I use all possible HTTP/S connections out there, but all the typical
stuff these days -- std HTTP/S pages, logins, youtube, HTTP downloads, etc. ALL played nicely EXCEPT JDownloader
updates which used an HTTPGET BUT "ip inspect http" SOMEhow thought it was not a valid setup / connection
and killed the session.

This is not the first time some "legitimate" HTTP/HTTPS application get zapped. It is possible that the application does not employ standard RFC somewhere hence the zapper sees them as illegitimate traffic to zap. It is then about tune the zapping level in addition to be using the trusted/proven zapping method and/or appliance.