01-16-2003 08:27 AM - edited 03-09-2019 01:42 AM
If you configure "ip inspect name <inspection-name> http" command globally on a router with firewall ios software but do not configure a standard access-list, websites accessed with embedded java applets, that are blocked, become extremely slow to access through the internet. My questions:
1.) Could someone explain why this occurs to me in more detail?
2.) Do you recommend using this command?
3a.) Could someone provide a list of hostile (java applet) addresses to block (if this general list exists) to help create a std ACL to use with the "ip inspect name (http)" command?
3b.) Could someone provide a list of friendly (java applet) addresses to permit (if such a general list exists) to help create a std ACL to use with the "ip inspect name (http)" command?
01-22-2003 08:18 AM
I think your question is contradictory. The access list is configured to block hostile addresses. Since you have not configured one how do you say its blocked?
01-22-2003 08:58 AM
Because no standard access-list was configured, I thought the "implicit deny all" rule applied but maybe that was not the case. Regardless, I am most curious to find out why some websites accessed took 30-40 seconds to load with the "ip inspect name
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: