- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
10-10-2016 04:58 AM
Greetings,
I hoping you guys can help me with getting to a website called "https://www.labeebyacademy.co.uk/".
When a user tries to go to this website it does not load. When going through my other firewall of the other site it works fine.
I have tried several things on the firewall, but this still fails to load.
The website resolves to 46.37.179.197. I have PCAPs on this from the firewall.
I have tried several things from the firewall:
-Tried creating an allow all policy for one IP
-Checked the correct NAT policy is being applied
-dropped the MTU size on the external interface to various values, but this made no difference
-disabled the decryption rules
Now I have come to the stage of doing the pcaps from the firewall.
I do suspect this to be an MTU issue. I am not sure if reducing the MTU on the external interface was correct.
I have uploaded the PCAPS here hope you guys can advise further.
Many Thanks,
10-10-2016 06:29 AM
I'm not seeing any PCAPs but I can load this website on my end perfectly fine; so I don't think MTU would be the issue unless you have changed it from default on your end for some reason. Also keep in mind that depending on your ISP changing the MTU on your end may not actually be doing anything, the ISP can controll the MTU on their link so if you suspect it to be MTU make sure that they aren't monkeying around with that after it leaves your network.
10-14-2016 09:07 AM
Sorry for the delay in my reply.
I do not think this is ISP issue. As there are two firewalls for two sites and the other site with the same ISP is working.
I have uploaded the following snips:
tx_capture - is the transmit packet capture
fw_capture - is the firewall packet capture
rc_capture - is the recieve packet capture
10-14-2016 12:30 PM - edited 10-14-2016 12:36 PM
PCAPs suggests you never got 3way handshake established for this particular website. Did you try to ping or run a traceroute from the firewall to the 46.37.179.197? How about threat logs (if profiles applied to the zone)
10-14-2016 12:54 PM - edited 10-14-2016 02:41 PM
Just have tried both ping and traceroute are disabled (not responding) for this website. So l did a little test from my FW to confirm 3way handshake:
But why this particular website only is not working for you???
10-18-2016 05:40 AM
Hi,
Thanks for the info. I am not sure why it is only this website, but I think I have found out where the issue may lie.
I think it may be a routing issue in the network, which needs to be corrected. I will let you know if that resolves the issue.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!