To all network Gurus:

Corrugated

Limp Gawd
Joined
Apr 9, 2000
Messages
260
We have recently switched our T1 providers and are having a heck of a time figuring out why we no one can reach our web site. Network solutions has been updated with the new IP's, our firebox (firewall) has been updated as well as the IP addresses for the DNS under Windows 2000. Mail and our VPN's work with no problem, but still no one can reach our web site. The site is http://www.badgerpackaging.com . I for the life of me can't think of what I am missing.

Thanks

Corrugated
 

d03boy

Limp Gawd
Joined
Feb 3, 2004
Messages
174
Start taking parts of hte network away such as the firewall and see what it is that's screwing up the connection.
 

KaosDG

[H]F Junkie
Joined
Apr 3, 2000
Messages
11,944
Do you have the webserver inside or outside the Firewall?

If it's inside, is the HTTP protocol forwarded right?

in the HTTP prooperties on the firebox it should say something like incoming enabled and the "to" box should be [external ip] -> [internal ip]
 

marshac

American Hero
Joined
Mar 25, 2003
Messages
2,552
You might want to look at your firewall. You guys seem to be blocking everything, including ICMP. I know ICMP gets a bad rep for being used for DOS attacks and such, but it is important. =) It's not the cause of your problems, but you might want to re-eval the decision of blocking it.

What kind of firewall do you guys use? Could you post your ACL?
 

mitch808

[H]ard|Gawd
Joined
Jun 27, 2001
Messages
1,753
Originally posted by marshac
You might want to look at your firewall. You guys seem to be blocking everything, including ICMP. I know ICMP gets a bad rep for being used for DOS attacks and such, but it is important. =) It's not the cause of your problems, but you might want to re-eval the decision of blocking it.

What kind of firewall do you guys use? Could you post your ACL?


I'm with him ^^
 

BobSutan

[H]F Junkie
Joined
Apr 5, 2000
Messages
11,416
Verify the DNS has been fully propagated and that ICMP isn't mucking up the VPN. Check out this thread for more info on how ICMP interacts with VPNs.
 

Blitzrommel

2[H]4U
Joined
Sep 26, 2001
Messages
2,659
I'm assuming you're using IIS for webserving. Check the website's properties and see if it's bound to any address in particular.
 

SKiTLz

2[H]4U
Joined
Aug 3, 2003
Messages
2,664
Originally posted by Gertrude
Maybe your webserver is set to listen on the old IP address?
Quite possible. You or the person before you may very have binded the http daemon (IIS/apache) to a a specific interface. Might want to check that.
 

bigstusexy

2[H]4U
Joined
Jan 28, 2002
Messages
3,194
I can suggest that you do a tracroute from an outside source, also try to contact the server with just the IP from outside. That should eliminate DNS as the problem. If you still can't connect then its some configuration issue somewhere, looks like its time to sniff!
 

Corrugated

Limp Gawd
Joined
Apr 9, 2000
Messages
260
Thanks to everyone for your suggestions. The problem came down to having a different subnets for our WAN and ALIAS (public) ip addresses. Our Firebox must have the WAN and ALIAS ip's on the same subnet.

Thank again,

Corrugated
 
Top