[ale] revisit the web problem again

[Dow Hurst]

Well, now I have a user that can't get to www.wachovia.com or 
www.deseretnews.com.  She has this setup:


Earthlink DSL
    |
    |
2wire DSL modem/router/firewall
    |_________________________________
    |                                 |
KSU Firewall (http allowed)        HPNA Interface
    |                                 |
Linux workstation (SuSE 8.2)       WinXP Home
    |
VMware WinXP Pro

The 2wire device has a bridge mode to share the 2wire's outside IP with 
one internal device.  The KSU firewall is defined as that device.  So 
using a DHCP call, the KSU Firewall gets assigned the outside IP of 
whatever the 2wire device has gotten from Earthlink.  It works great and 
allows us to depend on the KSU firewall (managed by Bob Toxen) to 
protect her internal systems that are used for the work she does for 
us.  The phone interface, HPNA, allows an upstairs home PC to be 
protected by the 2wire's firewall and share the DSL connection.  Nice 
setup and works well for us.

She can telnet from the Linux workstation's prompt to the IPs of both 
www.wachovia.com and www.deseretnews.com at port 80 and get a 
communication from the web server.  She is able to type some garbage and 
get a response from each webserver before they close the connection.  A 
standard way to check if the server is up.  Now, if she tries Mozilla, 
Konqueror, and Opera under SuSE then contact is made but no page 
returns.  I am saying that contact is made because she told me that 
Mozilla was saying in the task bar that "Transferring data" appeared.  
She has even tried IE 6 in the vmware XP hoping that would work but no 
juice.  Dig gave her the IPs to try the telnet trick with.  So any 
advice on troubleshooting this?

I have thought that since her upstairs HPNA connected XP machine can get 
a page back from these sites that the 2wire's stateful firewall is 
somehow remembering the destination.  So a request from any part of her 
network to those sites would get directed to the HPNA interface.  The 
problem is that no other redirection has occurred and it is a stupid 
idea anyway.  I get those more than occasionally. ;-)

Thanks for your help,
Dow


Geoffrey wrote:

> Dow Hurst wrote:
>
>> Have you checked that there isn't a deny statement in these browsers 
>> for cookies from that site?  I have lost the ability to go to a site 
>> if I denied it the ability to leave a cookie.  Until I went in and 
>> re-enabled that site to leave a cookie, I couldn't get to it.
>
>
> I checked that.  I am only allowing cookies from the originating site. 
> I turned that off, still no go.
>
> I'm beginning to think it's the ttl setting Mike made mention of.
>

-- 
__________________________________________________________
Dow Hurst                  Office: 770-499-3428            *
Systems Support Specialist    Fax: 770-423-6744            *
1000 Chastain Rd. Bldg. 12                                 *
Chemistry Department SC428  Email:   dhurst at kennesaw.edu   *
Kennesaw State University         Dow.Hurst at mindspring.com *
Kennesaw, GA 30144                                         *
************************************************************
This message (including any attachments) contains          *
confidential information intended for a specific individual*
and purpose, and is protected by law.  If you are not the  *
intended recipient, you should delete this message and are *
hereby notified that any disclosure, copying, distribution *
of this message, or the taking of any action based on it,  *
is strictly prohibited.                                    *
************************************************************