Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
202
Views
0
Helpful
1
Replies

Weird problem with ISP Provider Cable Modem

c.martin
Level 1
Level 1

‎03-23-2006 02:18 PM - edited ‎03-03-2019 02:27 AM

Not sure if anyone has seen anything like this before.

I have a PIX 520 with some web sites in a DMZ. When I try to access these Web sites via a certain ISP provider's cable modems, it can't complete the 3-way handshake and display the pages. I've sniffed the traffic with Ethereal and after the SYN I get an (ICMP - Code 13: Communication Administratively Filtered message)

But, I can access the sites from various other providers either through DSL or dial-up with no problem. And the sites appear normally for everyone else.

When I do a traceroute from this provider to the Web address it is successful. The traffic is hitting the PIX because I see the PIX ACLs incrementing when testing. I've completely opened the ACL's on the PIX and still no luck.

The cable ISP provider is of no help because when we call for support the techs are able to access the sites. This is what is leading me to believe it is an issue with the cable modems. I've tried it from at least 4 different modems and locations and it's the same story each time.

Labels:
0 Helpful
1 Reply 1

mchin345
Level 6
Level 6

‎03-29-2006 11:47 AM

I think the problem is with the PIX as in the PIX would simply drop the packets if its not able to see it as a part of the 'famous' threeway handshake. That is whatthe PIX is built for under no circumstances would it comprimise on ASA(Adaptive Security Algorithm).I would recommend IDS.

0 Helpful
Customers Also Viewed These Support Documents