+ 1 Votes I doubt it's the PIX unless the web site is external. CG IT Updated - 1 year ago The PIX firewall filters traffic going into and out of the PIX. That's basically all it does. So if the web site is hosted inside of the PIX, it's not the PIX. If the web site is hosted outside of the PIX, then I would say yes, it's the PIX. side note: "updates" to Cisco's IOS would not be the issue. The issue would be ACLs, extended ACLs, which are Cisco's IOS method of filtering traffic. Cisco ACLs have an implicit deny at the end of it and is not viewable in the ACL configuration. That implicit deny means that if an ACL is used, traffic that is not specifically allowed, is denied. ACLs can be configured to filter traffic in a multitude of ways from ip address to a range of addresses to specific content type, to MAC addresses, and can be implimented on either the internal interface, or external interface. If you know nothing about Cisco or very little, hire a consultant or hire Cisco to fix it.