Upgrade from 12.4 to 12.4T, ios firewall not working?

Unanswered Question
Mar 9th, 2009
User Badges:


I'm attempting an upgrade from 12.4-18 to latest 12.4-24T on a 1841 (my point for upgrade is to allow TCP out of order segments through the firewall which seems to have been introduce in 12.4-11T).

The router uses NAT, and a PPP dialer for an ATM (adsl) interface. Its initial configuration was done by SDM, so it has the default SDM low firewall configuration.

When upgrading to 12.4-24T, all the traffic that is not explicitely permitted by the inbound access list of the outside dialer 0 interface is blocked by it, even though a show ip ips inspect all shows all the traffic accepted by the firewall.

It all looks like that the access-lists exceptions were not added in front of my inbound access-lists as it should have been done.

I can post the configuration if needed.

Any ideas on how I can debug this issue?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
daysofwonder Tue, 03/10/2009 - 05:47
User Badges:


Thanks for your answer.

Although I couldn't find the issue witht bug toolkit, I upgraded to an older version 12.4-15T8 and it seems to work fine so far, so I think the issue appearead in a subsequent release.



This Discussion