Hello, I'm sorry but I think this is going to be a long post....I have a problem accessing some IP addresses in my network and I think it is related to my router (a Cisco
I can assure everyone I'm at the point where I think nothing makes sense anymore, I am completly desperate and going crazy
I have attached my running config and the output of show version.
I have a simple network in this site, no access lists to block traffic just for NAT, everything is allowed to pass allways, but some days ago users complained that they where unable to access some websites. Has always I thought to myself: Not my problem ....Windows problem... spyware, virus, trojan's, etc.... but lets just take a look....just in case.
Lets say users want to access website www.aaa.bbb and that has the public address 184.108.40.206. Users behind the router type the address in Internet explorer but nothing comes up, it stays loading and loading and loading.... well so I thought.. lets telnet to 220.127.116.11 in port 80 and type "GET /" it is something i like doing so it eliminates the fact that the problem could be in the browser.... I did that but nothing was returned.... Just to check I did the same to google (telnet www.google.com 80) issued "GET /" and everything returned ok.
I don't know why but I decided to telnet to my cisco 1841 and issue a telnet session from the console to 18.104.22.168 at port 80, issued "GET /" surprise....it returns all the content of the website.... I tried it again in the computer behind the router but nothing was returned.... just a blank screen of telnet...
Thinking the problem was in the computer itself I moved to another computer...different operating system, different everything... telnet 22.214.171.124 80 - "GET /"...and nothing came up.... just to check... telnet www.google.com 80 - "GET /" and it returned all the google webpage content....
For some reason I looked to the first computer... telnet hadn't closed yet and something came up... about 100 bytes of the content of the web page turned up... I waited a bit longer and after 1 minute or so another chunk of web content came up...after a few minutes telnet eventually timed out not having received more that 400 bytes of the webpage.
So where is the problem?
At the ISP? I don't think soo, after all it works when I start the session from the router just not from my computers in my local network.
At the NAT process in the router? Well... tons of other sites work perfectly, google, yahoo, slashdot, etc....
at the webserver (126.96.36.199)? Well.. it would seem so, however I have the exact same problem with lots of sites, banking sites, government sites, even www.microsoft.com shows this problem!!!
Just when I was thinking things couldn't get any stranger, why went to the first computer and launched telnet once more... but didn't write "GET /" but instead "hET /" .... surprise... this command returns the correct web content, I can see the response from the web server stating I have issued an ilegal command.... So, not just this only happens with some sites, it only happens in computers behind the router, and it only happens if I issue a correct HTTP command.......
What have I done to try and solve this:
- Reviewed all my configuration;
- Removed and re-added everything I didn't knew what was in the configuration;
- Erased all the configuration and configured only the ATM , Dialer and FastEthernet interfaces so I could plug my laptop directly to the router not using any switch and staying completely alone in the network...
Nothing solved my problem, I have another equipment similar to this using the same access technology and it works perfectly, I even copied the configuration from that other router to this one but it didn't solve...
I don't know what to think of this anymore.... Is the router processing my HTTP requests and for some reason doesn't likes some of the requests???
All help is welcome.