m8kwr
|
posted on 19/11/10 at 04:18 PM |
|
|
Any Firewall Experts????
Since LB is the place to find all the answers.
Are there any firewall experts on here.
Since of this morning internet access has been playing up, and I have routed the problem back to one of the firewall.
Certain websites will not load, such as CNN, Facebook, BBC News, LinkedIn. Weirdly the main BBC sites works, and so does the radio 1 part etc. I have
not tried all the websites, but most work with no noticeable issues.
I can access these sites from the servers as they go through a different firewall (i can use this for the whole office as it only allows 5
connections).
I have updated the firewall to the latest firmware, used an old backup settings, and basically restored the Access rules to Default. Same results.
Also the firewall settings have not been changed for well over a year. Done the obviously restarted all devices on the network.
Pinging facebook and the tracert work fine, but no page will be displayed. But doing the same with linkedin, the ping 1 out the 3 works, but then
fails, and the tracert does not complete.
Does anyone have any ideas of what else I can try, before I drop kick the firewall.
|
|
|
rgrs
|
posted on 19/11/10 at 04:35 PM |
|
|
Can you not set up logging on the firewall and then view the log file to see whats going on ?
Have you checked with your isp to check if they have any current issues ?
Are you using a 3rd party for website verification ?
Roger
|
|
stevebubs
|
posted on 19/11/10 at 05:47 PM |
|
|
From your description, it sounds like something is flapping.
This could be down to routes or interfaces..
what about doing it all direct from the firewall? Does it all work then without issue?
Do you have a flat network topology? Could internal routing on your network be to blame?
Is your firewall in an HA pair or standalone?
|
|
jeffw
|
posted on 19/11/10 at 06:42 PM |
|
|
What kind of firewall is it.....? This is what I do for a living so I might be able to help...
It sounds like some form of content filtering, what are the logs saying ?
[Edited on 19/11/10 by jeffw]
|
|
m8kwr
|
posted on 19/11/10 at 07:44 PM |
|
|
I got a call late from my isp (virgin) saying they had a dns issues.....
I had contacted them in the morning, and they said they had not issues on there network... last time this happened to us restarting things solved the
issue.
Just logged onto my work computer and all seems fine... I was sure it was an issue with that firewall, bloody IT....
|
|
britishtrident
|
posted on 19/11/10 at 09:05 PM |
|
|
You can use any internet DNS servers the Google DNS servers are fast and actuall officially free., the address are 8.8.8.8 and 8.8.4.4 These can
be entered on the desktop PCs or the routers.
You can have more than 2 dns servers in Windows and most other desktop operating systems.
You can also run a caching DNS server such as Treewalk on desktop PCs without much over head.
[I] “ What use our work, Bennet, if we cannot care for those we love? .”
― From BBC TV/Amazon's Ripper Street.
[/I]
|
|
Rocket_Rabbit
|
posted on 20/11/10 at 02:29 AM |
|
|
quote: Originally posted by stevebubs
From your description, it sounds like something is flapping.
This could be down to routes or interfaces..
what about doing it all direct from the firewall? Does it all work then without issue?
Do you have a flat network topology? Could internal routing on your network be to blame?
Is your firewall in an HA pair or standalone?
Sorry for laughing, but the guy is pinging facebook, on you are halfway to offering a prognosis of HSRP/VRRP address issues!!
I can't see it being a corporate issue
|
|