Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

SA540 and content filtering

Hi, this is my first post on this forum, and I am a total beginner wrt. firewalls and network security, som please bear with me if  I appear amateurish.

I have an SA540 for my home office, connected to ADSL with PPPoE. I have made very few changes from factory defaults, just to get it to work. The plan is to add features gradually as I learn.

The problem is that although I now finally can reach the internet, not all webpages display. I had quite a struggle to get any web-pages at all, as the browser timed out waiting for response. Ping'ing the web-sites worked (both ip- adresses and URL). It turned out that the default setting of Content Filtering had somethin to do with it. Content Filtering was turned off (factory default), but Enable Approved URLs list was on (but greyed out as a result of "Content Filtering" off). Turning on Content Filtering, but leaving all other filetering options off, solved the problem. Now I get most normal web-pages. However, there seems to be a problem with some java or scripted pages. Registration for cisco username was one example. Turning on blocking of Java helped, but then other pages failed.

There seems to be something completely wrong with either my setup (usually is) or the Content Filtering function of the SA540.

My setup (modifications from factory default) is:

PPPoE (ADSL modem in bridge mode), IP-address changed from default to, DHCP server (dynamic range, two reserved IP-adresses -140 and 141, DNS proxy enabled.

No firewall rules, no VLANs, VPN or other features are used.

On the LAN are a few Mac's and network disks (Time Capsules), and wifi.

Thanks in advance for any help.

Everyone's tags (1)
New Member

Re: SA540 and content filtering


Could you please post your current configuration and let me know which version of SA500 firmware you are using?

Could you list some of the web sites which failed to display?



New Member

Re: SA540 and content filtering


Thanks for helping. I have attached the config-file. (Username and pwd for PPPoE has been edited though).

The box came with firmware version 1.0.15. I upgraded to the latest version 1.1.42 in an attempt to solve the problem, but the behaviour is the same between these two versions wrt. the problem at hand.

When trying to open up web pages that I perceived as "haning" or "blocked", they appear to be working now.

Maybe that was "wrong user observation" :-) Nevertheless, the "Content Filtering" still has to be enabled to let anything at all through, so that observtaion is still valid. The default config is content filtering disabled. With this config, the firewall will not work "out of the box", and it is tricky to find why.

Another observation I made is that when making one PPPoE profile, it is not possible to open this for editing. It works when you have two or more profiles. But as long as you have only one profile, it can't opened for editing. The workaround is to make a second profile.