I am an IT consultant and recently one of my clients using a Cisco ASA5505 firewall stopped being able to use the rental car search through Alaska Airlines website. Checking the logs, I see deny entries for IPs that resolve to AWS. I am guessing that they are doing some sort of hand-off to a cloud server for the search and the firewall blocks it. I verified that this occurs for all my clients using an ASA5505 that try to search for rental cars through that site (hotel searches work), but is not an issue on 5506/5508 so I am guessing it is part of the default config. The default DNS limit is in place: policy-map type inspect dns preset_dns_map > parameters > message-length maximum 512, but the same issue occurred when I removed this limit. Is there an easy way to resolve this without sacrificing security?