On Mon, Sep 23, 2013 at 3:16 PM, J- P <[email protected]> wrote: > It is odd that I can ping with a decent response ~420 ms but if I try to > telnet to say 25 on email, or to our timesheet server, it will just hang > till it says could not open connection to host on port:XYZ Connect Failed.
That sounds like someone is doing filtering somewhere. > I've been running netmon and I do see a slew of SynRetransmits, but not > much else That implies the TCP handshake is not being completed, which also suggests filtering. One can get a little more info by running the sniffer at both ends, and seeing what packets make it where. If you see SYN at the initiator, but nothing at the listener, it's being blocked on the way from the initiator to the listener. If you see SYN at the initiator, SYN at the listener, then SYN-ACK at the listener, but no SYN-ACK at the initiator, it's being blocked on the way from the listener to the initiator. (The paths may be asymmetric.) Unfortunately this won't give you enough information to fix anything, just confirm the problem. If you have a traceroute that uses TCP (Microsoft's does *not*), you may be able to track down the specific router hop that's filtering you. The, using WHOIS, you can track down the operator. If their contact information is current (far from certain), you can complain to them. They will often ignore you. The Internet, as designed and operated, does not guarantee connectivity. Bummer, eh? -- Ben
