Re: OT: Web Mail Issues

From: Abu Hamzah (hamzah.abu@gmail.com)
Date: Sun Dec 02 2007 - 02:53:00 ART

• Next message: Joseph Saad: "Re: Multicast DR relation to RP location"
• Previous message: Yazan Mughrabi: "Multicast DR relation to RP location"
• Maybe in reply to: Donghai Zhang: "Re: OT: Web Mail Issues"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Thanks for that.

We removed the the INBOUND and OUTBOUD ACL from the exteranl interface, and
the users report the Yahoo and Hotmail sites to be OK now....

The problem is that the Yahoo and Hotmail access was ONLY giving issues
sometimes, so this may be coincidental...we will keep testing to see...

The router was configures by someone else a few months back. I suppose they
were trying to have some firewalling on this Internet router becuase there
is no firewall besides this router...
Can someone suggest a better firewalling configuration option on this router
to secure the LAN?

Thanks and regards.

On Dec 2, 2007 8:10 AM, Donghai Zhang <zdh1207@gmail.com> wrote:

> What's the use of applying self-reflect ACL here? Seems nat itself
> has prevented access into LAN . Maybe you could omit the INBOUND and
> OUTBOUD ACL and try it again....
>
> 2007/11/30, Terry Tender <terry.tender@gmail.com>:
> >
> > You could try to remove the reflective ACL and do NAT with a single IP
> > address...just to test things out..
> >
> > Terry
> >
> >
> >
> > On 11/29/07, v.shekhar@yahoo.com <v.shekhar@yahoo.com> wrote:
> > >
> > > Does this happen when using the new XML or Java based Webmail
> interface?
> > > How much internet bandwidth does he have?
> > > The newer webmails require more bandwidth compared to the old HTML
> only
> > > interface.
> > > I am suspecting a bandwidth issue here.
> > >
> > >
> > > Thanks,
> > > -sHekHar.
> > > CCIE#17589/CISSP/RHCE.
> > >
> > > ----- Original Message ----
> > > From: Abu Hamzah <hamzah.abu@gmail.com>
> > > To: ccielab@groupstudy.com
> > > Sent: Thursday, November 29, 2007 7:52:52 PM
> > > Subject: OT: Web Mail Issues
> > >
> > >
> > > Hi there
> > >
> > >
> > >
> > > A friend is facing some Web mail browsing issues with pretty simple
> LAN
> > > setup with Internet router and some switches. Yahoo web mail and
> > > Hotmail
> > > give Internet Explorer messages time to time saying "Page not found".
> > > This
> > > happens when the emails are being deleted or when attaching docs to
> > > emails.
> > > All other website browsing is OK. Sometimes all works fine, so the
> > > Yahoo/Hotmail issue is very much intermittent.
> > >
> > >
> > >
> > > The Internet router config is similar to the one below...
> > >
> > >
> > >
> > > I think the NAT overload may not be configured correctlyAny ideas?
> > >
> > >
> > >
> > > Regards.
> > >
> > >
> > >
> > > Abu Hamzah
> > >
> > > -----------------------
> > >
> > > !
> > > version 12.4
> > > !
> > > boot-start-marker
> > > boot-end-marker
> > > !
> > > no aaa new-model
> > > no network-clock-participate wic 0
> > > no network-clock-participate aim 0
> > > !
> > > ip cef
> > > !
> > > voice-card 0
> > > no dspfarm
> > > !
> > > interface GigabitEthernet0/0
> > > ip address 192.168.100.146 255.255.255.0
> > > ip nat inside
> > > duplex full
> > > speed 100
> > > no cdp enable
> > > !
> > > interface GigabitEthernet0/1
> > > ip address 77.222.98.42 255.255.255.252
> > > ip access-group INBOUND in
> > > ip access-group OUTBOUND out
> > > ip nat outside
> > > no ip mroute-cache
> > > duplex full
> > > speed 10
> > > !
> > > ip route 0.0.0.0 0.0.0.0 77.222.98.41
> > > !
> > > ip http server
> > > no ip http secure-server
> > > ip nat pool TEST 77.222.121.57 77.222.121.58 netmask 255.255.255.248
> > > ip nat inside source list 1 pool TEST overload
> > > !
> > > ip access-list extended INBOUND
> > > evaluate Internet
> > > ip access-list extended OUTBOUND
> > > permit tcp 77.222.121.56 0.0.0.7 any reflect Internet
> > > permit udp 77.222.121.56 0.0.0.7 any reflect Internet
> > > permit icmp 77.222.121.56 0.0.0.7 any reflect Internet
> > > !
> > > access-list 1 permit 192.168.0.0 0.0.255.255
> > > access-list 1 permit 172.19.0.0 0.0.255.255
> > >
> > > !
> > > control-plane
> > > !
> > > line con 0
> > > line aux 0
> > > !
> > > end
> > >
> > >
> _______________________________________________________________________
> > > Subscription information may be found at:
> > > http://www.groupstudy.com/list/CCIELab.html
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> >
> ____________________________________________________________________________________
> > > Never miss a thing. Make Yahoo your home page.
> > > http://www.yahoo.com/r/hs
> > >
> > >
> _______________________________________________________________________
> > > Subscription information may be found at:
> > > http://www.groupstudy.com/list/CCIELab.html
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: Joseph Saad: "Re: Multicast DR relation to RP location"
• Previous message: Yazan Mughrabi: "Multicast DR relation to RP location"
• Maybe in reply to: Donghai Zhang: "Re: OT: Web Mail Issues"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Tue Jan 01 2008 - 12:04:28 ARST