Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
362
Views
0
Helpful
2
Replies

Upgrade from 12.4 to 12.4T, ios firewall not working?

daysofwonder
Level 1
Level 1

‎03-09-2009 02:25 AM - edited ‎03-11-2019 08:02 AM

Hi,

I'm attempting an upgrade from 12.4-18 to latest 12.4-24T on a 1841 (my point for upgrade is to allow TCP out of order segments through the firewall which seems to have been introduce in 12.4-11T).

The router uses NAT, and a PPP dialer for an ATM (adsl) interface. Its initial configuration was done by SDM, so it has the default SDM low firewall configuration.

When upgrading to 12.4-24T, all the traffic that is not explicitely permitted by the inbound access list of the outside dialer 0 interface is blocked by it, even though a show ip ips inspect all shows all the traffic accepted by the firewall.

It all looks like that the access-lists exceptions were not added in front of my inbound access-lists as it should have been done.

I can post the configuration if needed.

Any ideas on how I can debug this issue?

Labels:
0 Helpful
2 Replies 2

Collin Clark
VIP Alumni
VIP Alumni

‎03-09-2009 01:19 PM

Check the bug toolkit-

http://www.cisco.com/cgi-bin/Support/Bugtool/launch_bugtool.pl

We ran into something like this and it was a bug. I don't remember the IOS versions though.

0 Helpful

daysofwonder
Level 1
Level 1
In response to Collin Clark

‎03-10-2009 05:47 AM

Hi,

Thanks for your answer.

Although I couldn't find the issue witht bug toolkit, I upgraded to an older version 12.4-15T8 and it seems to work fine so far, so I think the issue appearead in a subsequent release.

Thanks,

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card