BWM blocks loading specific website
Freshman Member
Hello all
One of our customers wants to open a website but it just loads and loads without really getting anywhere. I tested it in various networks with multiple browsers and multiple DNS-Servers but no luck. The log shows, that the outbound traffic is being forwarded and nothing is blocked by a security rule.Only clear thing: it does not work when an USG/Zywall is installed.
Since I had no solutions left, I disabled BWM and to my surprise the site loaded immediately. BWM was enabled, together with the "enable highest bandwidth priority for SIP traffic" Option because the customer uses SIP. Just disabling the "SIP Traffic" Option did not solve this. Experiments with a new configuration rule for https-traffic to this site did not work either. This "solution" worked on other Firewalls as well.
Why would an enabled BWM block traffic from this site?
Setup: various Zyxel models like: USG60 with v4.25 or Zywall 110 with v4.31 wk29.
Exception: only an old USG 20 with v3.30 had no problems with this but that device is on it's way out...
Site: shop.msch-ag.ch (Swiss shop for electronics)
Thanks & regards
Eric
One of our customers wants to open a website but it just loads and loads without really getting anywhere. I tested it in various networks with multiple browsers and multiple DNS-Servers but no luck. The log shows, that the outbound traffic is being forwarded and nothing is blocked by a security rule.Only clear thing: it does not work when an USG/Zywall is installed.
Since I had no solutions left, I disabled BWM and to my surprise the site loaded immediately. BWM was enabled, together with the "enable highest bandwidth priority for SIP traffic" Option because the customer uses SIP. Just disabling the "SIP Traffic" Option did not solve this. Experiments with a new configuration rule for https-traffic to this site did not work either. This "solution" worked on other Firewalls as well.
Why would an enabled BWM block traffic from this site?
Setup: various Zyxel models like: USG60 with v4.25 or Zywall 110 with v4.31 wk29.
Exception: only an old USG 20 with v3.30 had no problems with this but that device is on it's way out...
Site: shop.msch-ag.ch (Swiss shop for electronics)
Thanks & regards
Eric
0
All Replies
-
If you enable BWM rule without "enable highest bandwidth priority for SIP traffic", does the issue still exist?0
-
site loads fine here with BWM on on a USG60 V4.25
Do you have any UTM profiles?
0 -
can you run tracetcp with BWM on
https://simulatedsimian.github.io/tracetcp_download.html
tracetcp shop.msch-ag.ch:443
0 -
@Eric_
I can access the website which you mentioned, even enable BWM function.
Can you private message configuration for check further?
Charlie0
Master Member
Guru Member
Zyxel Employee
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 144 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.6K Security
- 237 USG FLEX H Series
- 267 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.3K Consumer Product
- 247 Service & License
- 384 News and Release
- 83 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.2K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight
