I am facing a strange issue at one of our customer sites.
The customer is using UC560 as the gateway for both voice and data. Recently it was noticed that their antivirus server is not able to download regular antivirus updates.
We connected the server directly to internet (using the same PPPoE connection terminated on UC560) and it downloaded the updates without any issues. So we confirmed that the issue is not related to antivirus vendor. So we connected the server directly to LAN interface of UC560, and we noticed that it could not download the updates. The antivirus vendor confirmed that port 80 is used for their updates, and hence it should not be blocked. I removed all access lists temporarily on the device and tested, but still it was failing. I tried to change the MTU values, but still the result was the same. The customer confirmed that no recent changes were made on the network.
I am attaching the truncated configuration of the device.
Please answer my queries below:
Does the built-in firewall of UC560 block file download based on file extension? Has anyone faced similar issues? Can anyone suggest other troubleshooting steps that I missed?
Thank you very much for replying.
During testing, I had removed the ip inspect commands, and the day before that, I had tried different MTU values (1452, 1476, 1492 and 1500). But I haven't tried a combination of both.
I will do it when I get access to the site next time and update you the results.
That is why I also felt that it is strange.
There is one more thing that I have noticed. To download any file from the customer's internet connection, proxy settings provided by ISP should be configured on the browser. If not, you can browse, but cannot download any file. I don't think this restriction affects the traffic through UC560, I'm just pointing out something that I noticed.
How does the server get the proxy settings if you connect it directly to the connection? Did you tried to configure the proxy settings in the antivirus software?
- Please rate helpful posts -
When I connected the server directly, I changed the proxy settings on internet explorer and it worked. I tried the same thing when connected through UC560, but it failed.
I didn't change it on the application. I will try it.