Cisco 2811 configuration for uplading pdf files
Hi there,
Few years back I have to put some commands in my cisco 2811 to enable java scripts for some site which were not working. Now I remember if I have to do something with my router configuration to allow me to upload pdf files to my external site from windows 7 and server 2008 machines. WIndows XP machine can upload pdf files to this site very well. But win7 and server 2008 machines have something in common and do not let me upload pdf files to my external website? Uploading is done via IE8.
What I did:
-Made IE in compatible mode - same issue occured I cannot upload.
-I put my website address URL in trusted websites - same issue.
-I installed Firefox and tried uploading pdf files -same issue.
-I disabled windows firewall - same issue.
-I disabled antivirus - same issue.
-I have enabled the Active X and file downloads in IE 8 - same issue.
-I reset the IE8. Same issue.
-I disabled ad-ons in IE8. No luck.
-I disabled user account settings in Win7 no luck.
Even I installed a brand new image via CD and simply fired up IE and tried uploading pdf files. NO luck.. Hel plz
Help plz
Few years back I have to put some commands in my cisco 2811 to enable java scripts for some site which were not working. Now I remember if I have to do something with my router configuration to allow me to upload pdf files to my external site from windows 7 and server 2008 machines. WIndows XP machine can upload pdf files to this site very well. But win7 and server 2008 machines have something in common and do not let me upload pdf files to my external website? Uploading is done via IE8.
What I did:
-Made IE in compatible mode - same issue occured I cannot upload.
-I put my website address URL in trusted websites - same issue.
-I installed Firefox and tried uploading pdf files -same issue.
-I disabled windows firewall - same issue.
-I disabled antivirus - same issue.
-I have enabled the Active X and file downloads in IE 8 - same issue.
-I reset the IE8. Same issue.
-I disabled ad-ons in IE8. No luck.
-I disabled user account settings in Win7 no luck.
Even I installed a brand new image via CD and simply fired up IE and tried uploading pdf files. NO luck.. Hel plz
Help plz
I don't understand why a router configuration would have anything to do with javascript or pdf files. Can you please explain?
what shows the log?
please tell us%!
please tell us%!
I am quite curious how you managed to setup a Cisco 2811 router allowing javascript and/or .pdf files in the first place. Do us a favour and post your running config of your Cisco 2811, grab only the lines containing any relationship with java/pdf. Connect to your cisco router, enable, show run. We may then be able to help you out as for now I believe we don't have a clue what the exact problem is. Thanks!
Cheers,
Stefan
Cheers,
Stefan
ASKER
Here you go my friends, luckily I found the question asked here on EE in 2007 and answered perfectly by Irmoore, it worked like a charm for my network to show java script enabled websites which were not shown at that time on my network.
https://www.experts-exchange.com/questions/22919339/How-to-enable-java-classes-in-cisco-2811-and-where-to-put-those-commands.html
https://www.experts-exchange.com/questions/22919339/How-to-enable-java-classes-in-cisco-2811-and-where-to-put-those-commands.html
ASKER
Now I am trying to find out why I cannot upload pdf files from windows 7 and server 2008 machines. Do I have to do something in my router 2811?
Help
Help
It appears that you are using the 2811 as a firewall. Is this correct?
ASKER
Correct, Attached is my show run
expertaccesslist.txt
expertaccesslist.txt
Is there a reason you need to inspect java? What happens if you change this:
ip inspect name TRAFFIC_INSPECTI http java-list 21
to this:
ip inspect name TRAFFIC_INSPECTI http
??
ip inspect name TRAFFIC_INSPECTI http java-list 21
to this:
ip inspect name TRAFFIC_INSPECTI http
??
ASKER
kf4:
There are many educational java applets/scripts enabled sites which simply will not work.
Anyhow my question for uploading pdf files to my external website from windows 7 and server 2008 machines, does it link to my router in any case? or should I blame the new OS (windows7 and server 2008). My XP Professional machines have NO trouble uploading pdf files to my external site. Its truly something to learn and add to my knowledge.
There are many educational java applets/scripts enabled sites which simply will not work.
Anyhow my question for uploading pdf files to my external website from windows 7 and server 2008 machines, does it link to my router in any case? or should I blame the new OS (windows7 and server 2008). My XP Professional machines have NO trouble uploading pdf files to my external site. Its truly something to learn and add to my knowledge.
can ask someone who has (windows7 and server 2008) download pdf file on your external website to make a mistake on the router.
what version of IE installed on the HP
perhaps try another browser
what version of IE installed on the HP
perhaps try another browser
ASKER
Gelom:
If I take the same machine with win7 outside my network uploads work fine. Using IE8 and I have already tried firefox and chrome. No luck.
If I take the same machine with win7 outside my network uploads work fine. Using IE8 and I have already tried firefox and chrome. No luck.
Seems like should not be the file format problem, hence does not matter whether it is PDF or other format.
And would I suppose that if the cisco router is not there (as proxy), assume direct out into internet the uploading is possible. If so, then we can isolate cisco device as the culprit and not the Win 7 and Win2k8
And would I suppose that if the cisco router is not there (as proxy), assume direct out into internet the uploading is possible. If so, then we can isolate cisco device as the culprit and not the Win 7 and Win2k8
what shows the log?
Did you tried it without inspect?
Did you tried it without inspect?
ASKER
ok guys:
to remove the inspect:
I will simply put this command on my cisco 2811 router just to check the upload of pdf's files from my win7 and serv 2008 machines?
>>>under config t
--no ip inspect name TRAFFIC_INSPECTI http
once I check if this is not causing trouble I could simply put in as:
--ip inspect name TRAFFIC_INSPECTI http
correct?
Help plz!
to remove the inspect:
I will simply put this command on my cisco 2811 router just to check the upload of pdf's files from my win7 and serv 2008 machines?
>>>under config t
--no ip inspect name TRAFFIC_INSPECTI http
once I check if this is not causing trouble I could simply put in as:
--ip inspect name TRAFFIC_INSPECTI http
correct?
Help plz!
Please try it and tell us the result!
interface FastEthernet0/1.92
no ip address ip access-group 101 in
no ip inspect TRAFFIC_INSPECTI out
interface FastEthernet0/1.92
no ip address ip access-group 101 in
no ip inspect TRAFFIC_INSPECTI out
ASKER
ikalmar:
How do I put it back once checked?
How do I put it back once checked?
interface FastEthernet0/1.92
ip address ip access-group 101 in
ip inspect TRAFFIC_INSPECTI out
ASKER
It shows me:
_2811(config-subif)#no ip address ip access-group 101 in
^
% Invalid input detected at '^' marker.
_2811(config-subif)#no ip address ip access-group 101 in
^
% Invalid input detected at '^' marker.
ASKER
ikalmar:
Please confirm should I:
interface FastEthernet0/1.92
ip access-group 101 in
no ip inspect TRAFFIC_INSPECTI out
then once I am done:
interface FastEthernet0/1.92
ip access-group 101 in
ip inspect TRAFFIC_INSPECTI out
Correct?
Please confirm should I:
interface FastEthernet0/1.92
ip access-group 101 in
no ip inspect TRAFFIC_INSPECTI out
then once I am done:
interface FastEthernet0/1.92
ip access-group 101 in
ip inspect TRAFFIC_INSPECTI out
Correct?
sorry
interface FastEthernet0/1.92
no ip access-group 101 in
no ip inspect TRAFFIC_INSPECTI out
interface FastEthernet0/1.92
no ip access-group 101 in
no ip inspect TRAFFIC_INSPECTI out
ASKER
ikalmar:
Excellent!
I was able to upload the pdf files from my server 2008. Sorry I am remoting in and checking in everything for you, I cannot check any windows7 clients till tuesday. But if server 2008 is working I think the clients wil be fine too. Good job!
How do I reconfirm that the access-group 101 is put back in properly?
Help plz
Excellent!
I was able to upload the pdf files from my server 2008. Sorry I am remoting in and checking in everything for you, I cannot check any windows7 clients till tuesday. But if server 2008 is working I think the clients wil be fine too. Good job!
How do I reconfirm that the access-group 101 is put back in properly?
Help plz
ASKER
ikalmar:
Please can you explain what was happening here in this particular case. I need to know and understand.
Now which line needs a fix in access-group 101 so that all my server 2008 and clients wind7 have no trouble uploading pdf files.
Help
Please can you explain what was happening here in this particular case. I need to know and understand.
Now which line needs a fix in access-group 101 so that all my server 2008 and clients wind7 have no trouble uploading pdf files.
Help
Hi,
ACL 101 needs for inspection.... it seems that you need to finetuning inspections...
how can you upload the pdf files, which ports do you use?
ACL 101 needs for inspection.... it seems that you need to finetuning inspections...
how can you upload the pdf files, which ports do you use?
ASKER
I simply use the IE, open up the site http://sitename.ca and click on the upload page for the pdf files.
I used Microsoft netowork monitor to capture the traffic and saw the following TCP source ports:
TCP 55943 - 80
TCP 55944 - 80
TCP 55945 - 80
TCP 55946 - 80
TCP 55947 - 80
TCP 55948 - 80
TCP 55952 - 80
I am not sure if this the info you want? Let me know how to capture the ports while uploading pdf's and I can post for you?
Help
I used Microsoft netowork monitor to capture the traffic and saw the following TCP source ports:
TCP 55943 - 80
TCP 55944 - 80
TCP 55945 - 80
TCP 55946 - 80
TCP 55947 - 80
TCP 55948 - 80
TCP 55952 - 80
I am not sure if this the info you want? Let me know how to capture the ports while uploading pdf's and I can post for you?
Help
Wireshark can be used to capture what you need as you are running through the pdf uploading sequences
http://www.wireshark.org/download.html
There is also Fport as well to associate to process
http://www.foundstone.com/us/resources/proddesc/fport.htm
http://www.wireshark.org/download.html
There is also Fport as well to associate to process
http://www.foundstone.com/us/resources/proddesc/fport.htm
ASKER
you need to add this and try inspection with pdf uploading..
ASKER
ikalmar:
what is the command? will I be adding the external IP of the website? from which I upload the pdf files?
help plz
what is the command? will I be adding the external IP of the website? from which I upload the pdf files?
help plz
ASKER
ikalmar:
I am not hosting this website on my servers. It is hosted by one of our site hosters. I am not sure how to put an IP which belongs to some external hoster on our router 2811 to allow the uploads of pdf's.
Help
I am not hosting this website on my servers. It is hosted by one of our site hosters. I am not sure how to put an IP which belongs to some external hoster on our router 2811 to allow the uploads of pdf's.
Help
interface FastEthernet0/1.92
ip address ip access-group 101 in
ip inspect TRAFFIC_INSPECTI out
access-list 101 permit tcp host x.x.x.x eq www host y.y.y.y
x.x.x.x is http://sitename.ca
y.y.y.y your public IP address
ip address ip access-group 101 in
ip inspect TRAFFIC_INSPECTI out
access-list 101 permit tcp host x.x.x.x eq www host y.y.y.y
x.x.x.x is http://sitename.ca
y.y.y.y your public IP address
ASKER
ikalmar:
Adding this line to the ACL 101 does not resolve the issue. Any other suggestion.
Hel plz.
Adding this line to the ACL 101 does not resolve the issue. Any other suggestion.
Hel plz.
what shows the log?
ho can working the pdf uploading?
ho can working the pdf uploading?
ASKER
ikalmar:
show log does not show me any suspecious about the file uploads for pdf files. Do I have to enable special logging for it? How? on the router 2811.
show log does not show me any suspecious about the file uploads for pdf files. Do I have to enable special logging for it? How? on the router 2811.
ASKER
Ok Guys:
After long days of work and tension. I replaced the router 2811 and found a faulty hardware interface port, the downloads and uploads were miserable and went stuck at about 20%. Also we were facing some other issues. Via new 2911 router there is no trouble yet.
After long days of work and tension. I replaced the router 2811 and found a faulty hardware interface port, the downloads and uploads were miserable and went stuck at about 20%. Also we were facing some other issues. Via new 2911 router there is no trouble yet.
ASKER
Its very hard for me to allocate points for this question. Any suggestions?
I think the inspection caused the problem
ASKER
ikalmar:
I am using the same inspection on the new router.
I am using the same inspection on the new router.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks iKalmar for clarifying.
Regards.
Regards.