Who's blocking these ports? Please help...
From: Ben Mannino (bmannino@stny.rr.com)
Date: 01/31/03
- Next message: Kathy: "WINS"
- Previous message: Russ: "Win2000 Pro dumps Guest account for application"
- Next in thread: Benn Wolff: "Re: Who's blocking these ports? Please help..."
- Reply: Benn Wolff: "Re: Who's blocking these ports? Please help..."
- Reply: Karl Levinson [x y] mvp: "Re: Who's blocking these ports? Please help..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Ben Mannino" <bmannino@stny.rr.com> Date: Fri, 31 Jan 2003 03:03:02 GMT
Hi,
Pulling my hair out for 2 days now...hope someone can help.
Im running Win2000 Advanced Server w/IIS5 and 3 Windows XP
clients running IE6. The entire setup is a hotel business center designed
to
allow pay-per-use web access to the guests.
This feat is accomplished using two services running on the
server - one is called Vicomsoft Internet Gateway (proxy server, IG for
short)
and the second is a custom built application designed to tell
the IG which MAC addresses are allowed out. The
IG basically takes over the TCP/IP routing and does this using
two ports - the NAT port (10.10.10.61) and the Ethernet port
(172.16.255.254).
Each of these ports uses a NIC in the server. The 3COM for the NAT,
and the Realtek for the LAN. The 3COM is connected to a router somehwere
in the hotel. TCP/IP is unbound from this adapter as per the instructions
from Vicomsoft (www.vicomsoft.com, if anyone is familiar with their
products).
The Realtek connects to a hub along with the 3 client PCs. The Realtek's
TCP/IP settings are as follows:
IP: 172.16.255.253
Subnet: 255.255.0.0
GW: 172.16.255.254
DNS: 172.16.255.254
Now on the surface, everything works fine. All the clients are assigned IPs
in the proper
range (172.16.255.1 - 172.16.255.3) by the IG and when a client opens their
web browser
they are able to open any web page without issue (the MAC address
restriction was
temporarily disabled for troubleshooting).
The problem is, many guests checking their web-based email will enter a port
number at the end of their URL (ie, http://www.mymailserver.com:8383) and
then after a few seconds, the browser comes up with a "Page cannot be
displayed"
error. Same on all the clients - none of them have any type of proxy
setting in IE.
If I take that same URL and enter it on the server's web browser, it comes
up
just fine. I figured somewhere, somehow, there's some kind of port
filtering going
on.
I emulated their configuration here at home, but using Win2K Pro instead,
and it
works perfectly - I can enter any URL:port and it comes up fine, running
through
the IG. Therefore, I can only conclude that Win2K Adv Server has some type
of filtering enabled - but for the life of me I cannot find it.
I spoke with Vicomsoft and they agree with me - their IG wont block those
ports.
I checked the Advanced TCP/IP properties for both NICs and neither has any
filtering enabled. Someone suggested checking ISA and RRAS, and neither is
loaded or enabled. I tried looking at the security policies, but I can make
heads or
tails of it.
I've never used Wink2K Adv Server, but I do know that when they installed
it,
they accepted all the default settings. I have a feeling that buried
somehwere deep
under the hood of this OS is a checkmark that I can clear to make this thing
work.
Please help save my sanity by suggesting a testing method, network analyzer,
web site or control panel I can check to see where these ports are getting
stopped.
Thanks very much in advance,
Ben M.
- Next message: Kathy: "WINS"
- Previous message: Russ: "Win2000 Pro dumps Guest account for application"
- Next in thread: Benn Wolff: "Re: Who's blocking these ports? Please help..."
- Reply: Benn Wolff: "Re: Who's blocking these ports? Please help..."
- Reply: Karl Levinson [x y] mvp: "Re: Who's blocking these ports? Please help..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
