Solved

XP ICS client can't access 302 redirect http

Posted on 2003-11-07
9
2,364 Views
Last Modified: 2012-05-04
Hello. Weird one, at least for me--networking yields headache!

Home office ICS network on two XP pro machines. Everything appears to be fine and stable for regular file sharing, remote access, email, and most web browsing. This is through a dialup at the moment.

No problems on the host side at all.

But then I noticed that we could not bring up certain pages on the client. For example, if you go to http://www.monster.com/ on the client, and click on search jobs, it will attempt to pull up http://jobsearch.monster.com/--well it times out.

I can ping that fine from the client.

It's not a firewall issue. I have ICF off on both, and have tried this with ZA Pro shut down, both sides (and ZA Pro is properly configured for ICS the rest of the time through "firewall>advanced"). It's not, to my knowledge, a browser issue. Tried most settings in IE, and downloaded and tried the light Mozilla, same problem.

ICS is using DCHP at the moment--basically the auto configuration. But I have tried a great many DNS, netbios, gateway, and other various settings in TCP/IP. No joy. I have tried adding my ISP DNS servers to the client too.

Then I noticed, by using a raw browser (Sam Spade) on the host, that the monster page is actually a 302 redirect. Some Google suggests other savvy people (with their own headaches) have noticed this with ICS, but can't seem to find a solution.

I was hoping to not add any more overhead to the host, which I use for heavy duty graphics--don't want to have it turn into a server.

The question(s): I suppose I should look into a lightweight proxy? (Suggestions welcome for that). Or am I missing some obscure DNS or port setting which would send the 302 stuff to client, not to a bottle-neck at the host (which is what I think is happening)? Or is there something I can add (snap in) to XP as an ICS replacement, like 2000 had?

Some system details:
XP Pro SP1 and fully patched on both. All drivers and bios on both are current.
Host: 2.4 865PE 800 on MSI Neo2-ls, gig of ram, WD Sata--i.e. solid, recent system. Best Data external v92 modem.
Integrated Intel 10/100, ip set 192.168.0.1 through auto settings in ICS. This is a wired network, machine to machine, no router.

Client p3 733 w/Microsoft PCI 10/100. 512MB. Etc. (It's not the hardware!) IP auto-assigns to 192.168.0.157.

Besides the HTTP 302 problems, I see some ads (3rd party site) sometimes do not resolve on the client.

Thanks for suggestions!

--Snazzy
0
Comment
Question by:Snazzy_Graphics
  • 4
  • 3
  • 2
9 Comments
 
LVL 79

Expert Comment

by:lrmoore
ID: 9701594
These might help... but it appears that you are using dialup?

Microsoft ICS and MTU:
http://support.microsoft.com/default.aspx?scid=kb;en-us;319661
http://www.annoyances.org/exec/show/article04-107

0
 
LVL 3

Author Comment

by:Snazzy_Graphics
ID: 9702362
Yep, dialup at the moment. Just PPP. I don't think the MTU settings are the thing either, because most web pages pull up just fine, no drop-outs. Only some sites are a problem--I guess it has something to do with sites using ICMP.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 9702399
Yeah, dial-up connection defaults to MTU of 576, so that is traditionally not a problem.
Unfortunately, many ISPs are blocking ICMP because of the last round of worms and viruses that are plagueing the 'net, without understanding the ramifications of doing so...
My own ISP has blocked icmp. Now I can't do traceroutes or ping. My network troubleshooting from home is now severly limited. I've complained to the ISP, but the technician's response was that "they've even blocked icmp for us, too". Now how in the heck are the technicians supposed to troubleshoot their own network?
Typical knee-jerk reactions ....
0
VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

 
LVL 3

Author Comment

by:Snazzy_Graphics
ID: 9702496
Hmmm... You've got something there. I can no longer do a windows based ping or traceroute--from the host.

Ping works fine at the command prompt. (Wonder why?)

ISP must have changed something recently.

ICMP redirect works fine on the host (in IE), but not the client local machine. There must be something that passes that along?
0
 

Expert Comment

by:adamkimber
ID: 9707346
Just as a quick fix, www.multiproxy.org, it was designed to be used as an anonymous browsing tool but works well as a normal proxy, just pop in the proxy of your ISP in the right box and away you go!
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 500 total points
ID: 9707355
You might want to try resetting your TCP/IP stack on the XP box:

============
Hidden in Windows XP's System Information utility is a very good tool for getting a lot more information about what's going on. Go to Start | All Programs | Accessories | System Tools | System Information. Then choose Net Diagnostics from the Tools menu. The program will ping your DNS servers, gateways, SMTP and POP3 mail servers, and proxies; test your modem and network adapters; and supply very detailed reports about your settings, as well as which tests passed and which failed.
============

Reset TCP/IP in XP:
http://support.microsoft.com/default.aspx?scid=kb;[LN];299357
0
 
LVL 3

Author Comment

by:Snazzy_Graphics
ID: 9707548
adam--Ha. I visited there last night. Ended up using http://www.guardster.com/ Of course, something is obviously fundementally screwy when Microsoft's home networking settings require me to surf like I'm in China or behind a corp porn filter. Thanks for the link!

lrmoore--I have someone on the client machine at the moment, so I will have to wait before any serious messing around. I hadn't tried netsh, so I'm hopeful. Will report back when I do. I would like to make sure there isn't a XP way of fixing this, but it appears to be my ISP protecting me from the blaster worm, like you said.

Meantime, I downloaded a proxy from this guy: http://www.analogx.com/contents/download/network/proxy.htm

Works fine. Overhead is about 5MB, which I can live with. Tempting to remove the ICS setup entirely then, which would be a glorified front end to the dialer--probably lots more overhead on that.
0
 

Expert Comment

by:adamkimber
ID: 9709648
Glad you got it semi-sorted!

ICS is probably the single most buggy thing that m$ have ever released, excluding Windows itself of course!!!!

Have you thought about maybe using a hardware solution, routers aren't _that_ expensive anymore.  Unless you've got a spare machine somewhere, doesn't need to be very fast, you could run Freesco (http://www.freesco.org/), you should find that it does all that ICS does and more...with the added benefit of maybe working :)

Adam
0
 
LVL 3

Author Comment

by:Snazzy_Graphics
ID: 9775081
For 100% certain, if I add anything else to this net, a router will be part of the package. M$ always seems to find a new way to create some sort of headache--maybe some linux and a router is the final solution.

Thanks very much for the various good suggestions Adam.

However, eureka! That netsh ip reset foo.txt command did it somehow. Ran it on both machines. It claimed (via foo) that it did something. Ended up with a weird IP on the client for a moment (164.XXX I think). Reran the network setup, both machines, reboot, and it works. (Back to a more normal IP now too).

So keep that handy in the bag of tricks, lrmoore! Thanks to you.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question