Problems getting AV updates through an 1811W router

Unanswered Question

We have a Cisco 1811W router for our gateway to the Internet. I just setup McAfee Groupshield on a new Exchange server. When I tried to run updates, they would fail. It uses HTTP over port 80 to download the updates. The updates would start to download and the progress bar would show the percentage of the file downloaded. After about 15 - 20 seconds, the percentage stopped. After about 45 minutes, it would finally fail (still at the same percentage downloaded).

I bypassed the router and directly connected to the Internet, and the update works fine. I recently had problems with some Exchange emails getting blocked at the firewall. I went into the Firewall | Application Security and turned off inspection on ESMTP and SMTP and that solved the problem. The router is setup to inspect TCP and UDP. I think that might be part of the problem, but I don't know what to change.

Has anyone had this problem or know how to fix it? I don't know a lot about routers, so if I am way off, let me know.

Thanks,

Jason

Here is some of the configuration of the router

version 12.3

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

ip subnet-zero

ip cef

!

!

ip domain name yourdomain.com

ip name-server 161.164.20.201

ip name-server 151.164.67.201

ip inspect name SDM_LOW cuseeme

ip inspect name SDM_LOW ftp

ip inspect name SDM_LOW h323

ip inspect name SDM_LOW icmp

ip inspect name SDM_LOW netshow

ip inspect name SDM_LOW rcmd

ip inspect name SDM_LOW realaudio

ip inspect name SDM_LOW rtsp

ip inspect name SDM_LOW sqlnet

ip inspect name SDM_LOW streamworks

ip inspect name SDM_LOW tftp

ip inspect name SDM_LOW vdolive

ip inspect name SDM_LOW tcp

ip inspect name SDM_LOW udp

ip ips po max-events 100

no ftp-server write-enable

!

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
John Blakley Wed, 09/02/2009 - 10:00

I don't see an inspect for http traffic. You might try adding:

ip inspect name SDM_LOW http

HTH,

John

Actions

This Discussion