Networking Problem - Firewall blocking traffic from Ubuntu but allows Windows
Markus Schönhaber
ubuntu-users at list-post.mks-mail.de
Sat Jun 20 15:28:50 UTC 2009
Anoop John:
> * When these people try to acess the Wireless network in their office
> from Ubuntu, they get connected to the access point but their packets
> get stopped at a Symantec firewall that sits at the gateway.
>
> Symptoms
>
> * I can ping the firewall as well as other systems in the network.
> * tracepath stops at the firewall.
tracepath sends UDP packets as big as they can be to do PMTU detection.
If you lower the packet size (e. g. tracepath -l 100 ...) does that
change anything? Do you get replies when ping'ing a machine on the
internet that is known to respond to echo requests?
If the answer is "no" in both cases, that pretty much rules out a MTU
problem.
> * The same system when booted off from windows can access the internet
So, the most interesting question is: what is different between Ubuntu
and Windows? Does the machine get the same IP in both cases?
> * I tried changing MTU to 1492 and 1400 using NetworkManager but that
> didn't help
>
> Network Layout
>
> Wireless connection is via an Accesspoint connected to an L3 switch
> (Cisco L3 switch 4507) that forwards all traffic to the
> router/firewall (Symantec UTM box 5640) which is connected directly to
> the internet.
How is that box connected to the internet? The MTU of 1492 you mention
above suggests some kind of DSL/PPPoE.
Does it do NAT?
> Interestingly the firewall log records that the packets
> are being forwarded and not dropped when the connection is from Ubuntu
> or Windows.
What's the difference then between packets from Ubuntu and Windows? If
the Symantec Box does NAT, are the packets from Ubuntu NAT'ed too?
--
Regards
mks
More information about the ubuntu-users
mailing list