topic IOS IDS/Firewall blocks https connections in Network Security https://community.cisco.com/t5/network-security/ios-ids-firewall-blocks-https-connections/m-p/577145#M98736 <P>Starting from 12.3(5) ending with 12.3(17a) on all our 7200 and 7500 routers, applying ip audit input on internal interface or ip audit out on external interface immediately stops all https websites. I was trying to disable all https and http signatures but situation looks similar. Due to fact that we had lots of problems with 12.3T and 12.4 upgrade is not possible (routers restarts, VIPs crashes etc.). Even if I only apply alarm for info and attack signatures, https still cannot pass through and logs are empty.</P><P>Is there any workaround for this problem? Thanks!</P> Sun, 10 Mar 2019 09:53:20 GMT lukaszwisniowski 2019-03-10T09:53:20Z IOS IDS/Firewall blocks https connections https://community.cisco.com/t5/network-security/ios-ids-firewall-blocks-https-connections/m-p/577145#M98736 <P>Starting from 12.3(5) ending with 12.3(17a) on all our 7200 and 7500 routers, applying ip audit input on internal interface or ip audit out on external interface immediately stops all https websites. I was trying to disable all https and http signatures but situation looks similar. Due to fact that we had lots of problems with 12.3T and 12.4 upgrade is not possible (routers restarts, VIPs crashes etc.). Even if I only apply alarm for info and attack signatures, https still cannot pass through and logs are empty.</P><P>Is there any workaround for this problem? Thanks!</P> Sun, 10 Mar 2019 09:53:20 GMT https://community.cisco.com/t5/network-security/ios-ids-firewall-blocks-https-connections/m-p/577145#M98736 lukaszwisniowski 2019-03-10T09:53:20Z Re: IOS IDS/Firewall blocks https connections https://community.cisco.com/t5/network-security/ios-ids-firewall-blocks-https-connections/m-p/577146#M98738 <HTML><HEAD></HEAD><BODY><P>Sounds like you're hitting this:</P><P></P><P><A class="jive-link-custom" href="http://www.cisco.com/cgi-bin/Support/Bugtool/onebug.pl?bugid=CSCee32778&amp;Submit=Search" target="_blank">http://www.cisco.com/cgi-bin/Support/Bugtool/onebug.pl?bugid=CSCee32778&amp;Submit=Search</A></P><P></P><P>Note that this bug specifically talks about SSH/Telnet connections through the router, but this bug has numerous others linked to it that deal with pretty much all types of TCP traffic (including HTTPS).</P><P></P><P>The bug is fixed in 12.3(9.4) and later, so not sure why you're seeing it on 12.3(17a). Try the workaround (apply "ip inspect" to the interface as well) to confirm if you're hitting this bug. </P></BODY></HTML> Fri, 17 Feb 2006 05:16:22 GMT https://community.cisco.com/t5/network-security/ios-ids-firewall-blocks-https-connections/m-p/577146#M98738 gfullage 2006-02-17T05:16:22Z