Which version of Altavista, there were several, as I recall? Also as I recall ALL of them had proxy problems, and all but the last has serious DNS security risks (due to the included version of BIND).
I haven't worked on one of those in years, so I am sorry I can't offer much configuration help. But, if you are running an older version, this might be a good time to consider a change. Glenn -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Paul Robertson Sent: Thursday, January 10, 2002 3:29 PM To: Laura Folden Cc: 'Ron DuFresne'; '[EMAIL PROTECTED]' Subject: RE: IP error 522...? On Thu, 10 Jan 2002, Laura Folden wrote: > Thanks, Ron. > > Our new website (being prepared for launch) is being hosted by > circle.com at the ip address 205.229.56.205 . Their site then does a > redirect of the traffic to a subfolder beneath the main ip. The > subpage is /ace/352 . Their logs show that we connect to the site > but, after that, we time out. > > Our firewall is Altavista, running on Windows NT. We have a Cisco > router 2601 connecting to a Netgear switch. The Netgear switch then > connects back to the firewall directly. Lots of other computers can > connect to this site, but for some reason we cannot. We can connect to > every other site without problems. > Can you connect to the site from a client machine on the DMZ outside the firewall? Is the site load balanced? Are your forward and reverse IP addresses correctly configured? > The MTU on our router is 1500. We have a full T1. We believe the > problem might have to do with our firewall not being able to handle > the redirect. Do you mean HTTP redirect, or ICMP redirect? You should probably look at ICMP filtering, most likely one of you is hosing PMTU discovery. A sniffer outside the firewall and someone who can interpret the data is your best bet. Paul ------------------------------------------------------------------------ ----- Paul D. Robertson "My statements in this message are personal opinions [EMAIL PROTECTED] which may have no basis whatsoever in fact." _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
