[RndTbl] network problem

Dan Martin ummar143 at shaw.ca
Thu Feb 14 17:42:20 CST 2008

Sean Walberg wrote:
> Random thoughts:
> Win2k outside fw is not a conclusive test. Some people are only
> allowed 1 ip from the modem. Unplug fw from modem, reboot modem, and
> try again
I did power it down - though only for 30 sec.  It appeared to go through 
the cycle of flashing lights, etc.
> Does the win2k box pick up an addy on the inside (assuming you use dhcp)?
Using fixed private addresses on the inside.
> Not sure why you're getting proxy errors, are you configured for a proxy?
No - other than the firewall acting as a proxy (which should be 
transparent to the app).
> You could also try tcpdump or wireshark to see what's going on network wise.
I will have to play sometime - but at present it works on a different 
machine on the network, even though it should be handled exactly the 
same by the firewall.
> Sean
> On 2/14/08, Dan Martin <ummar143 at shaw.ca> wrote:
>> I have a home LAN that uses a iptables firewall running on FC 4 on my
>> gateway machine.  I run Win2K on an internal LAN machine that I use to
>> run (among other things) 2 applications that contact remote servers.
>> Using SNAT in iptables, everything seemed to run fine, since all
>> communications with the servers were initiated on my end and return
>> packets were appropriately translated back.
>> Recently I upgraded one of the apps that accesses a broker and real time
>> quotes.  It then failed to run, and their minimal tech support could not
>> help me get it going.  The failure was blamed on my firewall.  I changed
>> it to allow some new connections from the internet (DNAT) but to no
>> avail.  I assumed that I had implemented DNAT incorrectly or there were
>> things they weren't telling me.
>> Yesterday, I found I was unable to run an app that accessed a second
>> server - even though I had run it many times previously.  It gave the
>> error "Cannot connect to the ... server.  Proxy connection failed: the
>> configured proxy server is not accepting connections."  Changing my
>> firewall back to the previous version did not solve the problem.
>> I plugged my Win2K machine directly to the cable modem and configured it
>> to connect by DHCP.  I could not get an address for it.  Shaw believes
>> the modem is working and trying to assign an address.
>> I finally installed this second app into another Windows machine on the
>> internal LAN and it ran perfectly.
>> It shouldn't be a firewall problem - the iptables should handle one
>> internal machine exactly the same as the other - no rules specify a
>> particular machine except the DNAT rules, which were removed.
>> It is suspicious that the NIC would not configure when plugged to the
>> cable modem - but everything else works.  I can browse the web and get
>> my mail.
>> Is this consistent with a NIC failure?  could it be something else?
>> --
>>   -Dan


Dr. Dan Martin, MD, CCFP, BSc, BCSc (Hon), MSc

GP Hospital Practitioner
Computer Scientist
ummar143 at shaw.ca
(204) 831-1746
answering machine always on

More information about the Roundtable mailing list