Hi Laura, I'm not sure whether this is a firewall problem, I think it relates to the webserver software. Check this out:
[ricjon@rich ricjon]$ telnet 205.229.56.205 80 Trying 205.229.56.205... Connected to 205.229.56.205. Escape character is '^]'. GET / HTTP/1.0 200 OK Server: JRun Web Server/3.0 Date: Fri, 11 Jan 2002 08:42:47 GMT Last-Modified: Thu, 15 Nov 2001 20:16:55 GMT Connection: close Content-Type: text/html Content-Length: 54 <meta http-equiv="refresh" content="0;url=/ace/352"> Connection closed by foreign host. --(This one is perfectly ok.)-- [ricjon@rich ricjon]$ telnet 205.229.56.205 80 Trying 205.229.56.205... Connected to 205.229.56.205. Escape character is '^]'. GET / HTTP/1.1 HTTP/1.0 200 OK Server: JRun Web Server/3.0 Date: Fri, 11 Jan 2002 08:43:01 GMT Last-Modified: Thu, 15 Nov 2001 20:16:55 GMT Connection: close Content-Type: text/html Content-Length: 54 <meta http-equiv="refresh" content="0;url=/ace/352"> Connection closed by foreign host. [ricjon@rich ricjon]$ telnet 205.229.56.205 80 Trying 205.229.56.205... Connected to 205.229.56.205. Escape character is '^]'. GET / HTTP/1.1 host: bla.com ^] telnet> quit --(it lasted and lasted here)-- Looks like this JRun has a faulty HTTP/1.1 implementation, since it does not require you to enter the "host: " statement. However, when you do enter a hostname, it can't deal with it. It might be that it tries to resolve the hostname and fails, bu t I can't imagine that taking more than a few minutes to fail. Then when I try to request the /ace/352 URL, this is what happens: [ricjon@rich ricjon]$ telnet 205.229.56.205 80 Trying 205.229.56.205... Connected to 205.229.56.205. Escape character is '^]'. GET /ace/352 HTTP/1.0 HTTP/1.0 302 Moved Temporarily Server: JRun Web Server/3.0 Date: Fri, 11 Jan 2002 09:01:48 GMT Location: / Connection: close --(The above seems faulty to me, since we were already moved from / to /ace/352 and it now directs us back.)-- Connection closed by foreign host. [ricjon@rich ricjon]$ telnet 205.229.56.205 80 Trying 205.229.56.205... Connected to 205.229.56.205. Escape character is '^]'. GET /ace/352 HTTP/1.1 HTTP/1.0 302 Moved Temporarily Server: JRun Web Server/3.0 Date: Fri, 11 Jan 2002 09:02:06 GMT Set-Cookie: SessionID=alvsaimtvrdejtbreoafpswwputcjyhrrbsztpqx;expires=Sun, 12-Jan-2003 09:02:06 GMT;path=/ Expires: Thu, 01 Dec 1994 16:00:00 GMT Location: http://null/ace/352?nopermanentcookies=true Cache-Control: no-cache="set-cookie,set-cookie2" Content-Type: text/html Connection: close Connection closed by foreign host. This is a nice answer as well, it redirects you to http://null, which obviously won't work. To conclude, this JRun web server is wrongly configured or hanging. My best bet would be to put it behind an Apache webserver or the like, but this of course depends on the setup of your website. There exist other Java web servers as well, even Free/Open Source ones, for instance Tomcat from Apache (http://jakarta.apache.org) or Orion (http://www.orionserver.com/). Hope this helps, Grtz, Richard > -----Original Message----- > From: Laura Folden [mailto:[EMAIL PROTECTED]] > Sent: donderdag 10 januari 2002 18:06 > To: 'Ron DuFresne' > Cc: '[EMAIL PROTECTED]' > Subject: RE: IP error 522...? > > > Thanks, Ron. > > Our new website (being prepared for launch) is being hosted > by circle.com at the ip address 205.229.56.205 . Their site > then does a redirect of the traffic to a subfolder beneath > the main ip. The subpage is /ace/352 . Their logs show that > we connect to the site but, after that, we time out. > > Our firewall is Altavista, running on Windows NT. We have a > Cisco router 2601 connecting to a Netgear switch. The Netgear > switch then connects back to the firewall directly. Lots of > other computers can connect to this site, but for some reason > we cannot. We can connect to every other site without problems. > > The MTU on our router is 1500. We have a full T1. We > believe the problem might have to do with our firewall not > being able to handle the redirect. > > I hope that's everything... > > Laura > > -----Original Message----- > From: Ron DuFresne [mailto:[EMAIL PROTECTED]] > Sent: Thursday, January 10, 2002 11:25 AM > To: Laura Folden > Cc: '[EMAIL PROTECTED]' > Subject: Re: IP error 522...? > > > Laura, > > Can you provide some more info on exactly what you are trying > to accomplish and what kinda of equipment lies on your > network and the party you are trying to reach? The more > detailed you can be, the better folks can attempt to help you > nail down the issue and determine how, and if there is a > resolution to the problem. > > Thanks, > > Ron DuFresne > > > On Thu, 10 Jan 2002, Laura Folden wrote: > > > Recently I posted regarding "looping" at site 205.229.56.205 . We > > remain unable to connect to those sites...although we *can* > connect to > > another site behind that host's firewall. We had our firewall tech > > support try to duplicate the problem with the same build of our > > firewall and OS and got nothing. ALL other sites connect just fine. > > > > Dug deep into the logs and what we see is a 500 522 error. Unknown > > protocol error returned. The website does have a redirect > on it, could > > this be the problem? Has anyone seen it? > _______________________________________________ > > Firewalls mailing list > > [EMAIL PROTECTED] > > http://lists.gnac.net/mailman/listinfo/firewalls > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > "Cutting the space budget really restores my faith in > humanity. It eliminates dreams, goals, and ideals and lets > us get straight to the business of hate, debauchery, and > self-annihilation." -- Johnny Hart > ***testing, only testing, and damn good at it too!*** > > OK, so you're a Ph.D. Just don't touch anything. > _______________________________________________ > Firewalls mailing list > [EMAIL PROTECTED] > http://lists.gnac.net/mailman/listinfo/firewalls > _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
