08-04-2008 11:38 PM - edited 03-11-2019 06:25 AM
I seem to be having issues with CBAC on a 877.
I have tried accessing certain webpages without the CBAC setting and there is no issue.
Some websites seem fine, whereas others partially load or not at all. For example elements of the cisco homepage do not load, specifically the animated section. I have test a few websites and some don't seem to come up all all, youtube and ebay are a couple of example.
My CBAC configuration should be pretty standard, I have an ACL denying almost everything except some ICMP (it starts deny UPD/TCP then allows ICMP), and the inspect statements cover most protocols.
I have noticed that my deny ACL statement is blocking some packets...
Dave
08-05-2008 03:04 PM
Hi Dave,
Try adjusting your CBAC config to *only* inspect TCP, UDP, and FTP and see if that makes a difference.
-Mike
08-05-2008 07:15 PM
through what you said
i guess is related to flash player and JAVA
just track those things
good luck
08-05-2008 11:23 PM
Hi I solved my issue..
"ip virtual-reassembly" was disabled and it appears that the fragments were getting dropped by the firewall policies. I still don't really understand why this causes issues with some issues, but I must be realed to the content in the HTML.
Dave
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: