Hello! I have worked to fix this problem all day and have been unable to. Time to ask the list...
I have replaced an older firewall with a Dachstein firewall. The firewall sits between a DSL router and an Ethernet network. It is also configured for two IPsec tunnels. There are several holes punched in the firewall that portmap to the network's fileserver, mainly for services provided by Lotus Domino. NAT functions correctly, both IPsec tunnels function correctly, e-mail (seems to) function correctly.

The problem is the webserver, also Lotus Domino. If an outside Internet user browses the server, the browser just sits there, with the logo spinning, forever. It seems like a TCP session is started, but no data comes. Certain URLs work: if I hand-craft a really small page, for example. Larger pages don't, nor do pictures or anything else you might download, either directly or from an <IMG> tag, even from one of those simple pages.

It feels like a connection with a bad connection or an incorrect packet size: small packets work, large ones don't. There are two things that work against this, though. First, this firewall provides the only Internet connection for the office, and they can browse just fine, and e-mail seems to be OK, even when sending large files, though I have not been completely able to verify this to my satisfaction.

There is a second thing that is killing me about this, too: the insecure side of the firewall has a /29 netmask. The router has an address, and the firewall has an address, leaving 3 valid addresses unused. If I configure my notebook to use this address, I can browse the site just fine. Also, IPsec VPN users can browse the server just fine, too...

I have also tried software other than Lotus Domino. For example, I downloaded a tiny HTTP server called Abyss Web Server. I stopped the POP3 daemon from within Domino and configured Abyss to use port 110. Again, I can browse the opening webpage from off-site (including the linked, but tiny, graphic), but not use that server to download a larger file.
So, it doesn't seem to be related to Lotus Domino, nor to something specific about port 80...

I've changed out the complete hardware of the firewall (I'm using DOM and swapped it from one identical firewall hardware config to another). I'm using a Via Eden Mini-ITX board with 533MHz CPU, 128MB RAM, 32MB DOM, and a Netgear FA311 NIC (in addition to the VIA Rhine NIC on the motherboard).

I'm pretty sure this has not done this since the beginning. Also, I have been able to browse the website properly for extremely brief periods. As far as I can tell, it's usually after a power off, but most of the time a power off doesn't seem to fix it.

I'm stuck. I'm just plain out of intelligent ideas. Any suggestions?

Tim Massey

------------------------------------------------------------------------
leaf-user mailing list: https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html