having a very strange problem with a Cisco 1861 running - Cisco IOS Software, C1861 Software (C1861-ADVENTERPRISEK9-M), Version 12.4(24)T5
The issue -
I have suddenly started to get performance issues with downloads and access through the ZBF. Without the firewall enabled and just having NAT enabled and routing , downloads perform as expected - ( have been using Itunes download as test file ) - with the ZBF enabled , and the necessary rules installed to inspect & allow traffic - downloads stall - and the only way to get the downlaod to start again is to pause , then resume. The stalls are anything between the first 25 - 120 secs.
I have debugged and performed packet traces - but cant see anything untoward. I have also placed another router ( just a cheap Belkin ) on the ADSL service and again , the downloads work as expected.
one further thing to add is that when im tunneling through the firewall ( VPN ) , then downloads do work as expected - suggesting that the issue is with native HTTP(s) traffic......
I have upgraded from T4 to T5 - and the symptons still remain - I am thinking that these may have been introduced when i upgraded to T4 a few monthes ago.
Can you grab the ip inspect log drop-pkt ? Put that command in on global configuration mode, then put the command "do term mon". Try to download a file and grab the logs and check if the firewall is dropping any packets.
Hi Team, I have one exclusion provided by internal team which is Is it right way to exclude ? *\Program Files\XYZ\* , as per Cisco Docs i see its not recommended because it will create performance issue when we use * at starting , So...
Central Log Management using Cisco Security Analytics and Logging, December 2nd at 8am-9:30am PT
Cisco Security Analytics and Logging is Cisco’s Central Log Management solution for Network Operations and Security Outcomes. It is delivered both as a c...
Cyberattacks are more sophisticated than ever and your online presence has never been more critical to the success of your business. Cisco, through its OEM partnership with Radware, can help secure your digital future by continuously monitoring...