Cisco Support Community
Community Member

Stateful Firewall Problem - Cisco 1811 - maybe simple Please help

Hi everyone,

We have a Cisco 1811; E0 is the WAN, E1 is the LAN. The onboard 8-port switch is split into 2 VLANs. Only the LAN on port E1 is a 'trusted' network. The problem I'm having is accessing the Internet from the LAN on port E1. Now everything was working OK, with a typical setup of the trusted LAN being NAT'ed out by the WAN interface. The firewall was set to allow all out and nothing in, apart from management ports. Now all of a sudden only web browsing over port 80 works to the Internet. SSL (443) web sites fail to load, FTP fails, etc. I can see the inbound rule on the WAN interface blocking the responses from the external site, except if it's a port 80 response, and there are no special rules for port 80??

So it looks like the 'stateful' firewall process is working for HTTP browsing but that's it; HTTPS/FTP is blocked?? By the way, ping responses work OK.

Any help or suggestions would be much appreciated.

Other info:

- Using the SDM, Traffic from the LAN to the WAN says the Firewall is 'Active'

- Using the SDM, Traffic from the WAN to the LAN says the Firewall is 'InActive'

Thanks

1 REPLY
Community Member

Re: Stateful Firewall Problem - Cisco 1811 - maybe simple Please

Solved it myself, the (CBAC) inspect rules had TCP disabled on the External int. Why did HTTP browsing still work? Anyway, it's working!
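
An added example, not from the thread or from Cisco: a Python check that reads a running-config and flags any CBAC rule set applied to an interface without generic `tcp` inspection, the misconfiguration named in the reply. The config excerpt is constructed; the rule name `FW`, ACL 101 and the interface names are assumptions, and the remaining `http` and `icmp` entries are one assumed configuration that would match the symptoms (HTTP and ping return traffic allowed, HTTPS and FTP replies dropped by the inbound ACL).

```python
import re

# Constructed running-config excerpt (not from the post). Rule name "FW",
# ACL 101 and the interface names are assumptions for illustration.
SAMPLE_BROKEN = """\
ip inspect name FW http
ip inspect name FW icmp
!
interface FastEthernet0
 description WAN
 ip access-group 101 in
 ip inspect FW out
!
interface FastEthernet1
 description LAN
"""
# Same config with generic TCP inspection restored.
SAMPLE_FIXED = "ip inspect name FW tcp\n" + SAMPLE_BROKEN

def inspect_rules(config):
    """Map each CBAC rule name to the set of protocols it inspects."""
    rules = {}
    for m in re.finditer(r"^ip inspect name (\S+) (\S+)", config, re.M):
        rules.setdefault(m.group(1), set()).add(m.group(2).lower())
    return rules

def applied_rules(config):
    """Yield (interface, rule, direction) for each 'ip inspect <rule> in|out'."""
    iface = None
    for line in config.splitlines():
        if line.startswith("interface "):
            iface = line.split(None, 1)[1]
        elif not line.startswith(" "):
            iface = None  # left the interface sub-block
        m = re.match(r"^ ip inspect (\S+) (in|out)\s*$", line)
        if m and iface:
            yield iface, m.group(1), m.group(2)

def missing_generic(config, required=("tcp",)):
    """Report applied rule sets that lack the required generic inspection."""
    rules = inspect_rules(config)
    findings = []
    for iface, rule, direction in applied_rules(config):
        missing = [p for p in required if p not in rules.get(rule, set())]
        if missing:
            findings.append((iface, rule, direction, missing))
    return findings

if __name__ == "__main__":
    for finding in missing_generic(SAMPLE_BROKEN):
        print("rule set without generic inspection:", finding)
```
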
