Router blocks certain websites

Unanswered Question
May 25th, 2007


We have a bunch of Cisco 871 routers and after upgrading to the latest IOS (c870-advipservicesk9-mz.124-11.T2.bin); do to some of the problems with previous IOS versions (appfw consumming 100% CPU); we are experiencing a problem with 1 of the routers, where certain websites, including this one ( won't load and just time out.

I went through the config and removed all IP inspect rules and turned of appfw to see if this would solve it, but without any success.

I ran a packet scanner on the network to see what could be causing the block, and analyzing the output it seems that the sites in question are sending malformed packets via this router. Well at least it seems that the router is corrupting the packets. What is weird however is that it only does this for certain sites and not all.

Has anyone ever experienced this? Or any suggestions on how to go about solving this problem?

Please let me know



I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
bjornarsb Sat, 05/26/2007 - 10:56


Yes , we have the same problem with a 871 running : c870-advipservicesk9-mz.124-11.T2.bin.

We will try to downgrade :)


Bjornarsb Wed, 05/30/2007 - 11:55


I am not sure if you are also running OSPF or any special routing protocols. But we discovered the problem seemed to have something to do with our OSPF cost settings.

it is kind of strange that some sites would try to route one way vs some sites where routed correctly.

Maybe there is a bug in the firmware, where it inspects the data that was sent from the "web servers" and try's to route with that information.

Anyways, this solved this issue. We have however discovered other problems (no qos tagging on vlans with this firmware) with this firmware and probably will be forced to downgrade as well.


This Discussion