Re: IE Routing Problem

From: DDJ (johnson_at_milehi.com)
Date: 07/28/04


Date: Wed, 28 Jul 2004 14:07:45 -0600

To try and make this easier to read, I have added my responses below...

"Ace Fekay [MVP]" <firstnamelastname@hotmail.com> wrote in message
news:uZ516jNdEHA.1356@TK2MSFTNGP09.phx.gbl...
>
> "DDJ" <johnson@milehi.com> wrote in message
> news:DbSNc.25$u77.31198@news.uswest.net...
> > We have ADSL.
> >
> > Ran the provided test. Although the Win2000 box I was using did not have an
> > MTU value in the registry, I added. Per the MTU test, the optimal setting
> > would be 1404. NOTE: that this is the setting in our firewall as well (says
> > something about "fragment outbound packets larger than 1404")
> >
> > The browser does not have any proxy settings in place.
> >
> > Tested browser after adding MTU value...still doesn't work. The firewall
> > forwards packets to the router, do routers generally provide for an MTU
> > setting?
> >
> > Thanks!
>
> Actually 1404 is really awfully low. The definition of an MTU is the actual
> TCP packet size. The largest possible TCP packet size is 1500 bytes. ADSL
> using PPPoE lowers the MTU to 1492, using up 8 bytes for the PPPoE overhead.
> So 1492 is the common one. I've seen it drop lower, depending on the ADSL
> modem. The router will accommodate the modem. The lower it is, the more
> difficulty there will be with IE and browsing.

I will change this after sending this message to see if it has any impact.
I remember that we originally changed it to accommodate a request from
SonicWall when setting up a VPN.

>
> What type of modem do you have?
> What type of router do you have that is connected to the modem?

We have a SonicWall SoHo 100 firewall (which is the IP = 192.168.168.1) and
an ActionTec DSL Modem/Router (LAN IP = 192.168.168.2, WAN IP should remain
private). All packets coming in through the ActionTec are routed to the
SonicWall. All client boxes point to the SonicWall as the Gateway and to
the DC (192.168.168.187) as the DNS. Should I not be posting all of this IP
info here for security reasons??? I have assumed that since they are
internal addresses, it doesn't matter, but let me know if you think
otherwise.

>
> I was trying to re-read your previous response, but I apologize that I am
> getting lost in your terminology. Here's what you previously posted:
>
> ======================
> > Each box is pointed to a firewall as the gateway
> > (192.168.168.1) and to the DC as the DNS Server
> > (192.168.168.187). The DC points to the ISP-provided two
> > DNS servers. The common firewall gateway (192.168.168.1)
> > forwards to the router (192.168.168.2) which forwards to
> > the ISP's router.
> ======================
>
> Now this part (the paragraph below) is the part I really do not understand
> because of the IP addresses that are mentioned, hence my previous thought
> you were "arping" packets across an OpenBSD bridged firewall, which I know
> not too many people use or know how to setup.
> ...
> > "The common firewall gateway (192.168.168.1)
> > forwards to the router (192.168.168.2) which forwards to
> > the ISP's router."
> ...
>
> Now, let's break this down. Your 'firewall' is also your router? What brand
> is it?
> That "common firewall gateway (192.168.168.1)" you mention, is that the above
> firewall/router? Or are you saying that the firewall gateway and the router
> are two different things? Or is the router actually an ADSL modem?

If I understand how this works correctly, the SonicWall is the router,
although all the SonicWall does is pass outgoing packets to the ActionTec
(in addition obviously to handling incoming packets from the ActionTec).

>
> From the way you described that, it seems like that the 'common firewall
> gateway' with an IP of 192.168.168.1, which is connected to your internal
> subnet, which your internal subnet uses as a gateway, has its other
> interface (which by definition of a 'router') configured with an IP on the
> same subnet and is connected to your ISP's router with an IP on the same
> subnet as the internal subnet, but should be a totally different subnet. So
> based on the terminology used, I am completely lost on how this is
> configured.

I remember when we first set this up last year, I had also thought that we
needed to set the LAN side IP of the ActionTec to a different subnet than
the WAN side IP of the SonicWall (hope I said that right!). It was either
Qwest or SonicWall, however, that said we needed to do it this way. It WAS
working for some time though, so I am curious why it has gone crazy now.

Hopefully the above helps you understand. Let me know if not, and thanks
for your patience!

>
> Can you break that down for me?
> What name brand router?
> What name brand firewall?
> What name brand modem (if it is)?
>
>
> --
> Regards,
> Ace
>
> Please direct all replies ONLY to the Microsoft public newsgroups
> so all can benefit.
>
> This posting is provided "AS-IS" with no warranties or guarantees
> and confers no rights.
>
> Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
> Microsoft Windows MVP - Windows Server - Directory Services
>
> Security Is Like An Onion, It Has Layers
> HAM AND EGGS: A day's work for a chicken;
> A lifetime commitment for a pig.
> --
> =================================
>
>
>
>
>


