Hi,
I have found the problem and fixes. Actually the (deny ip any any dscp 2 command at the out interface) was giving the trouble which I have run few weeks ago to policing the streaming website. Thanks to all for the support. Regards Singh From: harbor235 [mailto:harbor...@gmail.com] Sent: Friday, April 15, 2011 8:39 PM To: Daljit Singh Subject: Re: [c-nsp] Sftp Hanging Cisco 3660 (HSRP active) The MTU issue would be end to end, source to destination and back. Is there a firewall or router filtering ICMP ? If the source cannot perform PMTUD via ICMP then intermediate devices will not be able to fragment. mike On Fri, Apr 15, 2011 at 6:03 AM, Daljit Singh <daljit.si...@myway.in> wrote: HI, MTU is 1500 on both devices. Regards Daljit Singh -----Original Message----- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of harbor235 Sent: Thursday, April 14, 2011 10:35 PM To: Bunny Singh Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] Sftp Hanging Cisco 3660 (HSRP active) Sounds like an mtu issue. mike On Thu, Apr 14, 2011 at 12:48 PM, Bunny Singh <jump2fl...@yahoo.com> wrote: > > > > I'm having a problem with incoming SfTP hanging. I can see the > > initial handshake occuring but directory listing not coming and giving > timeout, Users trying access our sftp server from public, I am getting the > possitive resulting by running (using 'telnet <servername> 22'). But when i > try to connect sftp from command prompt or through Filezilla then i am > getting time out and no directory showing. This is happening only when my > 3660 is a active hsrp router, and same sftp service will work fine when my > 4948 is active hsrp router. > > Actually I'm running two cisco devices (One is 3660 & second is 4948 with > BGP peering with 2 ISPs. we are running HSRP. I have web servers behind > these routers and they seem to be behaving just fine. I'm at a loss as to > what could be causing this problem. I've put known good sftp server on the > same network and had the same issue with it as well. When I trying to > connect through our native network ,it works fine, no delay after the > initial handshake. Any ideas as to what could be causing this or what I > should look at? > > > Regards > Singh > _______________________________________________ > cisco-nsp mailing list cisco-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/cisco-nsp > archive at http://puck.nether.net/pipermail/cisco-nsp/ > _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ Disclaimer: This e-mail & attachment(s) within it are for sole use of intended recipient(s) & may contain confidential & privileged information. If you are not the intended recipient, please intimate the sender by replying to this email & destroy all copies & the original message. Any unauthorized review, use, disclosure, dissemination, forwarding, printing or copying of this email or any action taken in reliance on this e-mail is strictly prohibited & unlawful. The recipient acknowledges that COMPANY , its subsidiaries, associated companies or persons authorized by it (collectively "THE Group"), are unable to exercise control, ensure, guarantee the integrity of/over the contents of the information contained in e-mail transmissions & further acknowledges that any views expressed in this message are those of the individual sender & no binding nature of the message shall be implied or assumed unless the sender does so expressly with due authority of THE Group. Disclaimer: This e-mail & attachment(s) within it are for sole use of intended recipient(s) & may contain confidential & privileged information. If you are not the intended recipient, please intimate the sender by replying to this email & destroy all copies & the original message. Any unauthorized review, use, disclosure, dissemination, forwarding, printing or copying of this email or any action taken in reliance on this e-mail is strictly prohibited & unlawful. The recipient acknowledges that COMPANY , its subsidiaries, associated companies or persons authorized by it (collectively "THE Group"), are unable to exercise control, ensure, guarantee the integrity of/over the contents of the information contained in e-mail transmissions & further acknowledges that any views expressed in this message are those of the individual sender & no binding nature of the message shall be implied or assumed unless the sender does so expressly with due authority of THE Group. _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/