Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

XP ICS client can't access 302 redirect http

Posted on 2003-11-07
9
Medium Priority
?
2,403 Views
Last Modified: 2012-05-04
Hello. Weird one, at least for me--networking yields headache!

Home office ICS network on two XP pro machines. Everything appears to be fine and stable for regular file sharing, remote access, email, and most web browsing. This is through a dialup at the moment.

No problems on the host side at all.

But then I noticed that we could not bring up certain pages on the client. For example, if you go to http://www.monster.com/ on the client, and click on search jobs, it will attempt to pull up http://jobsearch.monster.com/--well it times out.

I can ping that fine from the client.

It's not a firewall issue. I have ICF off on both, and have tried this with ZA Pro shut down, both sides (and ZA Pro is properly configured for ICS the rest of the time through "firewall>advanced"). It's not, to my knowledge, a browser issue. Tried most settings in IE, and downloaded and tried the light Mozilla, same problem.

ICS is using DCHP at the moment--basically the auto configuration. But I have tried a great many DNS, netbios, gateway, and other various settings in TCP/IP. No joy. I have tried adding my ISP DNS servers to the client too.

Then I noticed, by using a raw browser (Sam Spade) on the host, that the monster page is actually a 302 redirect. Some Google suggests other savvy people (with their own headaches) have noticed this with ICS, but can't seem to find a solution.

I was hoping to not add any more overhead to the host, which I use for heavy duty graphics--don't want to have it turn into a server.

The question(s): I suppose I should look into a lightweight proxy? (Suggestions welcome for that). Or am I missing some obscure DNS or port setting which would send the 302 stuff to client, not to a bottle-neck at the host (which is what I think is happening)? Or is there something I can add (snap in) to XP as an ICS replacement, like 2000 had?

Some system details:
XP Pro SP1 and fully patched on both. All drivers and bios on both are current.
Host: 2.4 865PE 800 on MSI Neo2-ls, gig of ram, WD Sata--i.e. solid, recent system. Best Data external v92 modem.
Integrated Intel 10/100, ip set 192.168.0.1 through auto settings in ICS. This is a wired network, machine to machine, no router.

Client p3 733 w/Microsoft PCI 10/100. 512MB. Etc. (It's not the hardware!) IP auto-assigns to 192.168.0.157.

Besides the HTTP 302 problems, I see some ads (3rd party site) sometimes do not resolve on the client.

Thanks for suggestions!

--Snazzy
0
Comment
Question by:Snazzy_Graphics
  • 4
  • 3
  • 2
9 Comments
 
LVL 79

Expert Comment

by:lrmoore
ID: 9701594
These might help... but it appears that you are using dialup?

Microsoft ICS and MTU:
http://support.microsoft.com/default.aspx?scid=kb;en-us;319661
http://www.annoyances.org/exec/show/article04-107

0
 
LVL 3

Author Comment

by:Snazzy_Graphics
ID: 9702362
Yep, dialup at the moment. Just PPP. I don't think the MTU settings are the thing either, because most web pages pull up just fine, no drop-outs. Only some sites are a problem--I guess it has something to do with sites using ICMP.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 9702399
Yeah, dial-up connection defaults to MTU of 576, so that is traditionally not a problem.
Unfortunately, many ISPs are blocking ICMP because of the last round of worms and viruses that are plagueing the 'net, without understanding the ramifications of doing so...
My own ISP has blocked icmp. Now I can't do traceroutes or ping. My network troubleshooting from home is now severly limited. I've complained to the ISP, but the technician's response was that "they've even blocked icmp for us, too". Now how in the heck are the technicians supposed to troubleshoot their own network?
Typical knee-jerk reactions ....
0
Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

 
LVL 3

Author Comment

by:Snazzy_Graphics
ID: 9702496
Hmmm... You've got something there. I can no longer do a windows based ping or traceroute--from the host.

Ping works fine at the command prompt. (Wonder why?)

ISP must have changed something recently.

ICMP redirect works fine on the host (in IE), but not the client local machine. There must be something that passes that along?
0
 

Expert Comment

by:adamkimber
ID: 9707346
Just as a quick fix, www.multiproxy.org, it was designed to be used as an anonymous browsing tool but works well as a normal proxy, just pop in the proxy of your ISP in the right box and away you go!
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 2000 total points
ID: 9707355
You might want to try resetting your TCP/IP stack on the XP box:

============
Hidden in Windows XP's System Information utility is a very good tool for getting a lot more information about what's going on. Go to Start | All Programs | Accessories | System Tools | System Information. Then choose Net Diagnostics from the Tools menu. The program will ping your DNS servers, gateways, SMTP and POP3 mail servers, and proxies; test your modem and network adapters; and supply very detailed reports about your settings, as well as which tests passed and which failed.
============

Reset TCP/IP in XP:
http://support.microsoft.com/default.aspx?scid=kb;[LN];299357
0
 
LVL 3

Author Comment

by:Snazzy_Graphics
ID: 9707548
adam--Ha. I visited there last night. Ended up using http://www.guardster.com/ Of course, something is obviously fundementally screwy when Microsoft's home networking settings require me to surf like I'm in China or behind a corp porn filter. Thanks for the link!

lrmoore--I have someone on the client machine at the moment, so I will have to wait before any serious messing around. I hadn't tried netsh, so I'm hopeful. Will report back when I do. I would like to make sure there isn't a XP way of fixing this, but it appears to be my ISP protecting me from the blaster worm, like you said.

Meantime, I downloaded a proxy from this guy: http://www.analogx.com/contents/download/network/proxy.htm

Works fine. Overhead is about 5MB, which I can live with. Tempting to remove the ICS setup entirely then, which would be a glorified front end to the dialer--probably lots more overhead on that.
0
 

Expert Comment

by:adamkimber
ID: 9709648
Glad you got it semi-sorted!

ICS is probably the single most buggy thing that m$ have ever released, excluding Windows itself of course!!!!

Have you thought about maybe using a hardware solution, routers aren't _that_ expensive anymore.  Unless you've got a spare machine somewhere, doesn't need to be very fast, you could run Freesco (http://www.freesco.org/), you should find that it does all that ICS does and more...with the added benefit of maybe working :)

Adam
0
 
LVL 3

Author Comment

by:Snazzy_Graphics
ID: 9775081
For 100% certain, if I add anything else to this net, a router will be part of the package. M$ always seems to find a new way to create some sort of headache--maybe some linux and a router is the final solution.

Thanks very much for the various good suggestions Adam.

However, eureka! That netsh ip reset foo.txt command did it somehow. Ran it on both machines. It claimed (via foo) that it did something. Ended up with a weird IP on the client for a moment (164.XXX I think). Reran the network setup, both machines, reboot, and it works. (Back to a more normal IP now too).

So keep that handy in the bag of tricks, lrmoore! Thanks to you.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is a collection of issues that people face from time to time and possible solutions to those issues. I hope you enjoy reading it.
In this article, the configuration steps in Zabbix to monitor devices via SNMP will be discussed with some real examples on Cisco Router/Switch, Catalyst Switch, NAS Synology device.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…

578 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question