?
Solved

Port 80 blocked on just one site, and only from inside our firewall

Posted on 2004-03-29
10
Medium Priority
?
266 Views
Last Modified: 2013-12-04
Here's our odd situation that cropped up today....

We have a web server sitting outside our firewall using both HTTP and HTTPS.  From inside our network I can browse using the HTTPS port, but not HTTP.  I can browse any other server, either ours or anyone elses, with HTTP just fine, and anyone outside our network can browse to our server using HTTP (or HTTPS) also just fine.

All the servers are running Win2k and IIS.  We're running RRAS using NAT as our firewall.

Telnet to port 80 inside the firewall never connects.  Telnet to port 443 inside the firewall works fine.  From anywhere else (in the world) outside the firewall (including the firewall itself), port 80 opens as is normal.

(The obligatory...) This worked fine yesterday and (also the obligatory) no, there is nothing that we are aware of that has changed in any of the server configurations.  Again, we can browse anywhere else normally, just not this server.... but it WILL connect using HTTPS.

The server appears to be correctly configured to respond to both 80 and 443 for this particular web site.

Ok, have at it! :-)

Thanks,
Scott
0
Comment
Question by:shoge
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
10 Comments
 
LVL 5

Expert Comment

by:visioneer
ID: 10708145
Apparently your firewall is blocking port 80 from the inside to this box on the outside.
0
 

Author Comment

by:shoge
ID: 10708388
But then why would I be able to browse any other site?  If port 80 were blocked, then I would expect that I wouldn't be able to browse at all.
0
 
LVL 5

Expert Comment

by:visioneer
ID: 10708427
As I said, it's probably blocking from the inside to the box on the outside.  Specifically to that box.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 

Author Comment

by:shoge
ID: 10708582
Ok, the RRAS service on the firewall reports no input or output filters on either the LAN or WAN interfaces.  Also, no filters defined for the adapters themselves on either the firewall or web server.  If it's being filtered, I can't find it.
0
 

Author Comment

by:shoge
ID: 10708727
portqry does report that it is FILTERED.  I just haven't a clue as to where.

Here's the other odd thing... If I connect to the web site's address inside the firewall (it has two adapters and bridges the firewall) on port 80, it opens just fine.
0
 
LVL 5

Expert Comment

by:visioneer
ID: 10708954
You'll need to access the inside adapter from inside the firewall.
0
 

Author Comment

by:shoge
ID: 10709030
Well, that's our workaround for now, but I want to understand WHY this is happening. :-)
0
 
LVL 5

Accepted Solution

by:
visioneer earned 2000 total points
ID: 10709080
Some firewalls will not route an inside address to an outside address that is defined on the same firewall because the traffic has to go out and then back in.
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many people tend to confuse the function of a virus with the one of adware, this misunderstanding of the basic of what each software is and how it operates causes users and organizations to take the wrong security measures that would protect them ag…
Recently, I read that Microsoft has analysed statistics for their security intelligence report. It revealed: still, the clear majority of windows users do their daily work as administrator. An administrative account is a burden, security-wise. My ar…
Add bar graphs to Access queries using Unicode block characters. Graphs appear on every record in the color you want. Give life to numbers. Hopes this gives you ideas on visualizing your data in new ways ~ Create a calculated field in a query: …
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…
Suggested Courses
Course of the Month8 days, 4 hours left to enroll

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question