Re: Can access secure site from dial-up but not from LAN network
From: Kathy (kathy_at_regardingbooks.com)
Date: 09/29/05
- Next message: Steven L Umbach: "Re: Advice - solution for a company server"
- Previous message: Floyd L. Davidson: "Re: Why IP address is fixed everytime connected to the Internet?"
- In reply to: Steven L Umbach: "Re: Can access secure site from dial-up but not from LAN network"
- Next in thread: Steven L Umbach: "Re: Can access secure site from dial-up but not from LAN network"
- Reply: Steven L Umbach: "Re: Can access secure site from dial-up but not from LAN network"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 29 Sep 2005 03:28:59 GMT
Telnet to amazon.com works as you describe, however the telnet to the secure
web site gets a connect failed message. From the same computer, I dial-up
to the internet and do the same telnet to the secure web site and I get the
blank screen with blinking cursor. The tracert when I am connected via
dial-up actually times out at the same IP address, but it only takes 11 hops
to get there. I can still connect to the secure web site when I connect to
the internet via dial-up.
Kathy
The dial-up connection that works is from the same computer as the one for
which I use a DSL connection.
"Steven L Umbach" <n9rou@nospam-comcast.net> wrote in message
news:uuU$8FIxFHA.2652@TK2MSFTNGP14.phx.gbl...
>I have not used DSL in a long time [cable here] so I am not sure if it
>would help but you could try a few lower and in between MTU settings though
>since you made it through 14 hops I doubt that is the issue. I would also
>try tracert from your dial up to see if it fails or not on the last hop to
>their website. Another thing to try is telnet. Try telnet domainname.com
>443 to see what happens assuming they are using the standard port 443 TCP
>for secure website access. If the website is listening and not blocking
>your IP you should get a blank command line screen with a blinking cursor
>[ try telnet Amazon.com 443 to see as I just did ] . Try the same with your
>dialup to see what happens. Also compare advanced security settings for IE
>on the computer [ tools/internet options/advanced -security ] where you use
>dialup to make sure the computer using the DSL is the same. --- Steve
>
>
>
> "Kathy" <kathy@regardingbooks.com> wrote in message
> news:3OE_e.6420$q1.3829@newsread3.news.atl.earthlink.net...
>> Great suggestion! I ran the tracert to their site and it did
>> successfully leave my network, but failed on the 15th hop on an address
>> that looks to be in their network. I actually already lowered the MTU
>> setting to 1400 for my DSL connection because of VPN connection problems
>> going to another site. Do you think I need to lower MTU even more?
>>
>> Thanks very much.
>> Kathy
>>
>> "Steven L Umbach" <n9rou@nospam-comcast.net> wrote in message
>> news:%23YBhrOFxFHA.624@TK2MSFTNGP11.phx.gbl...
>>> That's about the only thing that makes sense to me at this point unless
>>> you have a firewall device that is blocking outbound access to their
>>> website or IP address which probably is unlikely. The tracert command
>>> to their website would show that the traffic stopped on your network
>>> instead of hopping through routers to them and would be worth a try.
>>> Also try tracert to websites you can access to see how a good tracert
>>> looks as in tracert Yahoo.com. Let tracert run for a while until you
>>> see trace complete and it is not unusual to see request timed out for
>>> some routers in the path. There is a more remote possibility that you
>>> need to tweak your MTU setting for your DSL connection in the DSL pppoe
>>> connectoid or your router device if you are using one though problems
>>> with MTU are usually not isolated to a single website as you experience
>>> random inability to access websites which can happen if routers in the
>>> path to the website are fragmenting your traffic. If there was a problem
>>> with the certificate you would get an access denied error - not page can
>>> not be displayed.
>>>
>>> This is a longshot but try booting one of your computers using DSL into
>>> Safe Mode with networking to see if that works. If it does you have an
>>> application or process on your computer that is blocking access. Note
>>> that Safe Mode will disable software firewall so be sure that you have a
>>> firewall device protecting your network before attempting such. Below
>>> is an example of a tracert output. --- Steve
>>>
>>> D:\Documents and Settings\Steve>tracert yahoo.com
>>>
>>> Tracing route to yahoo.com [66.94.234.13]
>>> over a maximum of 30 hops:
>>>
>>> 1 1 ms 1 ms 1 ms 192.168.1.1
>>> 2 * * * Request timed out.
>>> 3 11 ms 30 ms 13 ms 68.86.118.25
>>> 4 17 ms 24 ms 13 ms 68.87.230.53
>>> 5 16 ms 12 ms 16 ms 68.87.231.53
>>> 6 * * * Request timed out.
>>> 7 16 ms 13 ms 30 ms 12.118.239.97
>>> 8 36 ms 20 ms 32 ms tbr1-p012301.cgcil.ip.att.net
>>> [12.123.6.9]
>>> 9 24 ms 14 ms 15 ms ggr2-p310.cgcil.ip.att.net [12.123.6.65]
>>> 10 33 ms 32 ms 32 ms so-1-1-0.edge1.chicago1.level3.net
>>> [209.0.227.77
>>> ]
>>> 11 15 ms 15 ms 18 ms so-2-1-0.bbr1.chicago1.level3.net
>>> [209.244.8.9]
>>>
>>> 12 65 ms 64 ms 65 ms as-1-0.bbr2.sanjose1.level3.net
>>> [64.159.0.242]
>>> 13 69 ms 62 ms 71 ms ge-11-1.ipcolo3.sanjose1.level3.net
>>> [4.68.123.10
>>> 7]
>>> 14 63 ms 61 ms 69 ms unknown.level3.net [64.152.69.30]
>>> 15 63 ms 76 ms 81 ms unknown-66-218-82-217.yahoo.com
>>> [66.218.82.217]
>>>
>>> 16 67 ms 75 ms 62 ms w2.rc.vip.scd.yahoo.com [66.94.234.13]
>>>
>>> Trace complete.
>>>
>>> "Kathy" <kathy@regardingbooks.com> wrote in message
>>> news:AIx_e.5002$vw6.708@newsread1.news.atl.earthlink.net...
>>>>I was hoping you would say that. That's what I had tried to tell them
>>>>once, but they convinced me it was a problem on my end due to my lack of
>>>>experience in networking. Thanks for the confirmation and the nslookup
>>>>did resolve to the same IP address.
>>>>
>>>> Kathy
>>>>
>>>> "Steven L Umbach" <n9rou@n0-spam-for-me-comcast.net> wrote in message
>>>> news:6aSdnXBjPO9YTqTeRVn-qw@comcast.com...
>>>>> If you are using IE as your browser to access that website you can use
>>>>> tools/internet options/content - certificates/personal to see if that
>>>>> certificate is still on your computer, has the corresponding private
>>>>> key, and is valid in that it has not expired. Most likely that is not
>>>>> the problem if you can access it via dial up.
>>>>>
>>>>> I read your other post and it seems to me that the problem could be IP
>>>>> address filtering on the Website or the firewall they use to protect
>>>>> their network since you have the same problem on all your computers
>>>>> yet they all can access other secure websites. I would contact them
>>>>> and tell them what is happening to see what they say. Also verify that
>>>>> you are trying to access them via a secure site which would show https
>>>>> in the address bar. I would also use the nslookup command on your
>>>>> computers to see if the website in question resolves to the same IP
>>>>> address. Just enter nslookup at the command prompt and type the name
>>>>> of the website and hit enter to see what it hows. --- Steve
>>>>>
>>>>> "kaw" <kaw@discussions.microsoft.com> wrote in message
>>>>> news:B4C46C9F-8569-4CA3-B269-DA04AB6CF55C@microsoft.com...
>>>>>> This is a site that requires authentication. The site owner gave me
>>>>>> the
>>>>>> certificate to install. Yes I can access other secure web sites from
>>>>>> the DSL
>>>>>> connection. I could connect successfully at one time. One thing
>>>>>> that might
>>>>>> be helpful is I used to get the Windows "Security Alert" popup, but I
>>>>>> no
>>>>>> longer get that (not even when using the dial-up internet
>>>>>> connection).
>>>>>> Eventually the URL times out and I get the "page cannot be displayed"
>>>>>> message.
>>>>>>
>>>>>> "Steven L Umbach" wrote:
>>>>>>
>>>>>>> What do you mean you installed a certificate from it?? You do not
>>>>>>> need a
>>>>>>> certificate/private key for a website unless it requires client
>>>>>>> certificate
>>>>>>> authentication. Can you access any secure website from the DSL
>>>>>>> connection??
>>>>>>> What exactly happens when you try to access it. --- Steve
>>>>>>>
>>>>>>>
>>>>>>> "kaw" <kaw@discussions.microsoft.com> wrote in message
>>>>>>> news:DA8C0204-3C3F-4BCA-815A-26CE8CB6C8ED@microsoft.com...
>>>>>>> >I cannot access a secure site for which I have installed a
>>>>>>> >certificate from
>>>>>>> > my LAN internet connection (DSL), but I CAN access the site if I
>>>>>>> > connect
>>>>>>> > to
>>>>>>> > the internet through dial-up connection.
>>>>>>> >
>>>>>>> > At one time I was able to connect via LAN, but it quit working.
>>>>>>> >
>>>>>>> > I've tried re-installing the certificate, turning off my firewall
>>>>>>> > and NAV,
>>>>>>> > all with no result.
>>>>>>> >
>>>>>>> > Any ideas?
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>
>>>
>>
>>
>
>
- Next message: Steven L Umbach: "Re: Advice - solution for a company server"
- Previous message: Floyd L. Davidson: "Re: Why IP address is fixed everytime connected to the Internet?"
- In reply to: Steven L Umbach: "Re: Can access secure site from dial-up but not from LAN network"
- Next in thread: Steven L Umbach: "Re: Can access secure site from dial-up but not from LAN network"
- Reply: Steven L Umbach: "Re: Can access secure site from dial-up but not from LAN network"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
