Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
229
Views
0
Helpful
1
Replies

Problem with CBAC

yantisj
Level 1
Level 1

‎09-15-2003 02:03 PM - edited ‎03-02-2019 10:21 AM

Currently, our router(2514) uses RACLs to provide some level of security using the tcp established option. I attempted to enable CBAC on my router following this document almost exactly: http://www.cisco.com/en/US/customer/products/sw/secursw/ps1018/products_configuration_example09186a008009445f.shtml Things seemed to work most of the time, but I was having problems with http. With fast switching enabled, some http traffic could not come through, and I would see log entries of the web browser trying to make a connection and the return ack packet getting blocked. This would happen for maybe 5% of connections, but it was enough to make a lot of web pages hang waiting on an ad to download etc. The problem would go away when I disabled route caching, but the performance drop was unacceptable.

I was wondering if anyone else has experienced this behavior with CBAC? I found one more person on a newsgroup with the exact same problem, but no one had an answer.

Labels:
0 Helpful
1 Reply 1

rais
Level 7
Level 7

‎09-16-2003 06:09 AM

I would try adding inspect out on tcp/http as well.

Rais.

0 Helpful
Customers Also Viewed These Support Documents