I'm attempting an upgrade from 12.4-18 to latest 12.4-24T on a 1841 (my point for upgrade is to allow TCP out of order segments through the firewall which seems to have been introduce in 12.4-11T).
The router uses NAT, and a PPP dialer for an ATM (adsl) interface. Its initial configuration was done by SDM, so it has the default SDM low firewall configuration.
When upgrading to 12.4-24T, all the traffic that is not explicitely permitted by the inbound access list of the outside dialer 0 interface is blocked by it, even though a show ip ips inspect all shows all the traffic accepted by the firewall.
It all looks like that the access-lists exceptions were not added in front of my inbound access-lists as it should have been done.
I can post the configuration if needed.
Any ideas on how I can debug this issue?