Web Server .js files not loading to outside clients

L2 Linker

Web Server .js files not loading to outside clients

Our WebMaster is working on implementing some .js files on our WebServer. He has a few specific .js files loaded onto our Web Servers.

They load up with no problems internally (Our PA allows ALL traffic from internal to our DMZ, Internal and External traffic both flow through an A10 Load Balancer to our two physical servers).

From the OUTSIDE, the .js files will "partially" download, then hang. Our Policies only allow "Web-Browsing" and "Web-Crawler" applications access.

I have been all over the PA Monitor tabs, and do not see ANY blocked or denied traffic. Is there some specific application that needs to be allowed to have this function?

Here is the .js file in question:


Once in  a great while it will load, but if I clear the browser cache, it again hangs during loading.

L2 Linker

Re: Web Server .js files not loading to outside clients

Found that adding "SilverLight", and "Flash" let the .js files work, but this brings up another question:

During my troubleshooting, I was looking for ANY traffic from my test laptop on the Internet (static Public IP), for all Monitoring tabs.

I was able to see "Web-Browsing" on port 80, but that was the ONLY traffic seen (Allowed OR Denied)

Once I added "SilverLight", on the Traffic Monitor, I am now seeing allowed traffic for "Web-Browsing" AND "SilverLight".

Why is this traffic showing on the logs after allowed, but NOT showing on the logs when it should have been showing as "denied"?

L6 Presenter

Re: Web Server .js files not loading to outside clients

You can use an app override if you feel that the PA decision is incorrect.

Looking at your js-file its full of silverlight references so im not suprised that PA classify this file as a silverlight application.

Regarding seeing blocked requests you need to manually specify a last "any, any, deny + log on session end" because the built in hidden rule is just "any, any, deny" (without any logging).

In URL filtering options there is a "log container page only" which is enabled by default but that shouldnt affect how the appid's are being logged (since url filtering is something else).

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!