[ale] revisit the web problem again

Mike Murphy mike at tyderia.net
Tue Nov 11 10:32:19 EST 2003


If when her browser is just spinning, she could stop and view source, 
that might be helpful: my guess is that there will be a partial page 
there. If so, you might want to see if there are a lot of errors on her 
workstations interface or the firewall, and check MTU's everywhere (they 
should be smaller than 1500 typically). At least that's the stuff off 
the top of my head... Does this firewall keep logs?

Mike


Dow Hurst wrote:
> Well, now I have a user that can't get to www.wachovia.com or 
> www.deseretnews.com.  She has this setup:
> 
> 
> Earthlink DSL
>    |
>    |
> 2wire DSL modem/router/firewall
>    |_________________________________
>    |                                 |
> KSU Firewall (http allowed)        HPNA Interface
>    |                                 |
> Linux workstation (SuSE 8.2)       WinXP Home
>    |
> VMware WinXP Pro
> 
> The 2wire device has a bridge mode to share the 2wire's outside IP with 
> one internal device.  The KSU firewall is defined as that device.  So 
> using a DHCP call, the KSU Firewall gets assigned the outside IP of 
> whatever the 2wire device has gotten from Earthlink.  It works great and 
> allows us to depend on the KSU firewall (managed by Bob Toxen) to 
> protect her internal systems that are used for the work she does for 
> us.  The phone interface, HPNA, allows an upstairs home PC to be 
> protected by the 2wire's firewall and share the DSL connection.  Nice 
> setup and works well for us.
> 
> She can telnet from the Linux workstation's prompt to the IPs of both 
> www.wachovia.com and www.deseretnews.com at port 80 and get a 
> communication from the web server.  She is able to type some garbage and 
> get a response from each webserver before they close the connection.  A 
> standard way to check if the server is up.  Now, if she tries Mozilla, 
> Konqueror, and Opera under SuSE then contact is made but no page 
> returns.  I am saying that contact is made because she told me that 
> Mozilla was saying in the task bar that "Transferring data" appeared.  
> She has even tried IE 6 in the vmware XP hoping that would work but no 
> juice.  Dig gave her the IPs to try the telnet trick with.  So any 
> advice on troubleshooting this?
> 
> I have thought that since her upstairs HPNA connected XP machine can get 
> a page back from these sites that the 2wire's stateful firewall is 
> somehow remembering the destination.  So a request from any part of her 
> network to those sites would get directed to the HPNA interface.  The 
> problem is that no other redirection has occurred and it is a stupid 
> idea anyway.  I get those more than occasionally. ;-)
> 
> Thanks for your help,
> Dow
> 
> 
> Geoffrey wrote:
> 
>> Dow Hurst wrote:
>>
>>> Have you checked that there isn't a deny statement in these browsers 
>>> for cookies from that site?  I have lost the ability to go to a site 
>>> if I denied it the ability to leave a cookie.  Until I went in and 
>>> re-enabled that site to leave a cookie, I couldn't get to it.
>>
>>
>>
>> I checked that.  I am only allowing cookies from the originating site. 
>> I turned that off, still no go.
>>
>> I'm beginning to think it's the ttl setting Mike made mention of.
>>
> 

-- 

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Mike Murphy
781 Inman Mews Drive Atlanta GA 30307
Landline: 404-653-1070
Mobile: 404-545-6234
Email: mike at tyderia.net
Email Pager: pagemike at tyderia.net
AIM: mmichael453
JDAM: 33:45:14.0584N  84:21:43.038W
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+



More information about the Ale mailing list