republican-creole
Search:  

 
theme to black backgroundlet page decide theme
HomeFind ServiceReviewsISP NewsFAQsForumsToolsDatabaseAbout 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » Equipment Support » Hardware By Brand » Cisco » [Config] Firewall config or virus/spyware?
Uniqs:
1168		 Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Posting:
Post a:
Post a:
Links: ·Submit a new forum topic ·Forum FAQ ·Submit a FAQ ·Docs Guidelines and Advisories ·EOS/EOL thread
switch cannot boot »
« [Config] 871 & 12.4(15)T3 DebugsON ?  
jrpavel3

join:2002-03-16
UK

[Config] Firewall config or virus/spyware?

I have an 1801 running my LAN and a single NATd public IP address, configured using SDM.

All works fine most of the time, but there are some www sites that seem to get dropped when I try to connect to them other that from the machine that hosts my own web site (and has NAT forwarding enabled to do that).

Two examples are www.dpnotes.com and www.t-mobile.co.uk/pmcollect

The first generates a log of

The second does not seem to generate any log messages.

My config looks something like this:

permalink · 2008-04-05 13:17:41 · Print · Reply to this
jrpavel3

join:2002-03-16
UK

Re: [Config] Firewall config or virus/spyware?

Does no one have any suggestions? What is it about, eg, the sites that I have cited that causes the firewall to drop the connection? Are they trying to set up new connections to me??
permalink · 2008-04-09 05:50:26 · Reply to this
mr_dirt

join:2006-02-14
Denver, CO

Re: [Config] Firewall config or virus/spyware?

Have you checked to see if the http app inspection policy is causing the problem? Try removing the http app service policy by applying this snip to the config:


Check to see if the problem continues. Since you're seeing two different log behaviors for the two different sites you're having problems with, it's hard to tell what's causing the problems. Also, if you're not running 12.4(15)T4, and are able to upgrade, you might want to do so to take advantage of the improvements to some of the logging.

Be sure to back up your config before you start.
permalink · 2008-04-15 16:10:30 · Print · Reply to this
jrpavel3

join:2002-03-16
UK
1 edit

Re: [Config] Firewall config or virus/spyware?

Very odd: I removed the L7 inspection, found I could access those sites, and added it back again, and I can still access them.

The only other thing that I changed in recent days is to go back to my ISP's DNS servers from OpenDNS...
permalink · 2008-04-16 15:46:01 · Reply to this
Euphrates

join:2007-04-30
Bellingham, WA

Re: [Config] Firewall config or virus/spyware?

Have you tried switching back to those OpenDNS servers again and seeing if you can replicate the problem? It may help someone in the future who is having the same problem.

Also, when you noticed that the only thing you changed was the OpenDNS servers did you check with their website to see if they were having any problems that may be resolved?
permalink · 2008-04-21 03:41:00 · Reply to this
Forums » Equipment Support » Hardware By Brand » Ciscoswitch cannot boot »
« [Config] 871 & 12.4(15)T3 DebugsON ?  

Monday, 14-Dec 17:23:03 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 10 years online! © 1999-2009 dslreports.com.
page compression OFF
Most commented news this week
· [97] Google To Sell Phone Directly To Consumers
· [63] TiVO Tries To Figure Out Where It Fits
· [50] Faster Verizon DSL Service Will Burn Your House Down
· [42] NY Times: AT&T 3G Network Is Secretly Awesome
· [26] Verizon Kindly Forgives Kid's $21,917 3G Bandwidth Bill
· [20] Sweden First To Get LTE Service
· [18] Rural Broadband User? You're Screwed
· [1] Monday Morning Links
Most people now reading
· Official Mediacom Email Discussion Thread [Mediacom]
· Ashen Verdict Rep farming guide (ICC 10) [World of Warcraft]
· personal check etiquette [General Questions]
· Exalted with Ashen Verdict before the end of the week [World of Warcraft]
· Cross Server Dungeon Experience [World of Warcraft]
· Florida Family Law questions [General Questions]
· IMG 1.7 (IMG Updates and Discussion) [Verizon FIOS TV]
· DKs and their obsession with Agility [World of Warcraft]
· So independants will be out of business in..........? [Canadian Broadband]
· HBO price increase [Verizon FIOS TV]