Cisco Cisco Web Security Appliance S160 Guía Del Usuario
A-12
AsyncOS 9.0 for Cisco Web Security Appliances User Guide
Appendix A Troubleshooting
Policy Problems
Blocked Object Problems
•
•
Some Microsoft Office Files Not Blocked
When you block Microsoft Office files in the Block Object Type section, it is possible that some
Microsoft Office files will not be blocked.
Microsoft Office files will not be blocked.
If you need to block all Microsoft Office files, add
application/x-ole
in the Block Custom MIME
Types field. However, blocking this custom MIME type also blocks all Microsoft Compound Object
format types, such as Visio files and some third-party applications.
format types, such as Visio files and some third-party applications.
Blocking DOS Executable Object Types Blocks Updates for Windows OneCare
When you configure the Web Security appliance to block DOS executable object types, the appliance
also blocks updates for Windows OneCare.
also blocks updates for Windows OneCare.
Identification Profile Disappeared from Policy
Disabling an Identification Profile removes it from associated policies. Verify that the Identification
Profile is enabled and then add it to the policy again.
Profile is enabled and then add it to the policy again.
Policy Match Failures
•
•
•
•
Policy is Never Applied
If multiple Identification Profiles have identical criteria, AsyncOS assigns the transactions to the first
Identification Profile that matches. Therefore, transactions never match the additional, identical
Identification Profiles, and any policies that apply to those subsequent, identical Identification Profiles
are never matched or applied.
Identification Profile that matches. Therefore, transactions never match the additional, identical
Identification Profiles, and any policies that apply to those subsequent, identical Identification Profiles
are never matched or applied.
HTTPS and FTP over HTTP Requests Match only Access Policies that Do Not Require Authentication
Configure the appliance to use IP addresses as the surrogate when credential encryption is enabled.
When credential encryption is enabled and configured to use cookies as the surrogate type,
authentication does not work with HTTPS or FTP over HTTP requests. This is because the Web Proxy
redirects clients to the Web Proxy itself for authentication using an HTTPS connection if credential
authentication does not work with HTTPS or FTP over HTTP requests. This is because the Web Proxy
redirects clients to the Web Proxy itself for authentication using an HTTPS connection if credential