Strange problem can not access specific website.

Also, We seem to have no problem going to other sites and the mail server is working well.

Greetings lizardqueen007 ,

If they are blocking your IP you can use any public proxy to test it.

Choose any public proxy from the list
http://www.proxy4free.com/page1.html

In your browser just configure proxy IP and Port then open any working site (ex. https://www.experts-exchange.com) to check proxy's working state then open www.goldenone.com

This time they will get proxy's IP instead of yours and it may not be blocked.

(Some Proxies may be down or having heavy traffic so try 3 - 4 proxies to get a working one)

Hope this help

As far as I can see it is nothing you can do specifically.  The router at 63.145.241.33 is as far as it's got which I presume is on the internet and not your own external address, in which case there is a routing problem which can only be solved by the ISP's involved.

But as sunilcomputer says you may be able to get around it using a public proxy as then you talk to the proxy and the proxy talks to the remote site (if it can get to it too).

Steve

sunilcomputer,
The page www.goldenone.com DOES display through a proxy!
Are you sure this means they are blocking our IP?
It seems to be true, but I am not sure if changing proxy doesn't change more than just IP.
I am not doubting you, but I need to be sure before I shoot off my mouth.
Thank you Laura

See above.  63.145.241.33 is mail.us.embeddedsol.com, is that you?

Try tracert www.goldenone.com to see where it stops.  If it is after the first internet IP then there is a routing issue at the ISP as above.  You are getting host unreachable from that router which means it doesn't know how to get any further towards the host.

Steve

dragon-it,
I'm just trying to understand exactly what it means that I can go the the site through a proxy, but not directly.
You say a routing problem?  Please explain if you would.

dragon-it,
Tracing route to goldenone.com [63.80.202.32]
over a maximum of 30 hops:

  1     4 ms     2 ms     4 ms  mail.us.embeddedsol.com [63.145.241.33]
  2  mail.us.embeddedsol.com [63.145.241.33]  reports: Destination host unreacha
ble.

Trace complete.

When you are using a proxy you are talking directly to that proxy and that proxy does the job of talking to the rest of the world for you.  As fasr you are concerned you only talk to the proxy and the website only sees the proxy talking to it, not you, effectively you have an extra level of anonminty (can't for the life of me work out how to spell that at the moment but you get the idea).

When you connect without the proxy you need an end to end connection between you and the web server and it sounds like there is a break somwhere along the way in the routing, though the routing between the proxy you chose and the webserver is clearly OK.


Try a tracert and see how far it gets.
Steve

dragon-it,
here is another tracert to google.
Tracing route to www.l.google.com [66.102.7.147]
over a maximum of 30 hops:

  1     2 ms     3 ms     2 ms  mail.us.embeddedsol.com [63.145.241.33]
  2     5 ms     7 ms     5 ms  svl-edge-12.inet.qwest.net [63.145.225.245]
  3     5 ms     5 ms     5 ms  svl-core-01.inet.qwest.net [205.171.14.133]
  4     5 ms     5 ms     6 ms  pax-edge-01.inet.qwest.net [205.171.214.30]
  5     5 ms     5 ms     5 ms  72.165.46.26
  6     7 ms     6 ms     6 ms  66.249.94.14
  7     8 ms    17 ms     7 ms  66.249.94.227
  8     6 ms     6 ms  ^C

Ok so 63.145.241.33 is you then, just a guess but check your router's IP address and subnet details if they are manually entered.  Maybe you have a subnet mask of 255.0.0.0 or something or there is a static route defined wrongly in there.

As a matter of interest can you get to :

ping 63.145.241.1
ping 63.90.1.1

both of which ping from here OK.

Steve

dragon-it,
please see above your last post for tracert to goldenone.com

(our posts crossed before).

dragon-it,
I can not ping either of those two ips

Dragon-it,
Remember before I mess with the router too much that I can go to every other site that I have tried.

On the webserver where the site is actually hosted they can chack the following and block you using any of them :-

1. The Client's  Operating System
2. Client's Brower and It's version
3. Client's ISP's IP (Your Internet Service Provider's IP) (May be Static or Dynamic Doesn't Matter)
4. Using advance programming they can read your MAC Address HDD Serial, Your Workgroup etc.

But some Proxies have the Capabiliy to change above info and make fool of them.

Most of the time ISP's IP is the Key, So one good option is just use any other ISP's Internet Connection at one machine inside your network (Ex. Dialup Connection from Different ISP) then Do not use any public proxy and then try to open www.goldenone.com.

Then as they are on the same IP range 63.x.x.x as your router I suggest you check it's settings.  I imagine the subnet mask will be set to 255.0.0.0 or possible 255.254.0.0 rather than the correct setting.  Post the router ip, default gateway and subnet mask if you can please.

sunilcomputer,
we have legitamate reasons to go to this site, so if I can find the cause perhaps I can call IT and have them unblock, but before I accuse them I would like to know all possibilities.  If it's a problem with ISP then I would have them make changes if possible.
Laua

He is not getting to the remote webserver.  He isn't getting beyond his router.


Steve

dragon-it, I would rather not post router config if possible since I probably already revealed more than I should.  Perhaps if you as, I can tell you what the settings are.  I am pretty sure that the subnet is correct, at least it is the subnet the isp gave me.   255.255.255.224 external block of 30 addresses with one static going to web server.

If you are not IT I would ask them to check if they can ping these hosts from their router and then if not ask them to find out why not...

Funny thing tho tracert to google works.  So are you saying the problem might be that goldenones ip and ours are similar?

I can try ping from router.

Fair enough.  Posts cross again.. Can you PING the server involved or other IP's from your router?

Steve

Here is a ping from router:

router>ping www.goldenone.com
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 63.80.202.32, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)

<<So are you saying the problem might be that goldenones ip and ours are similar?>>

I was but if your subnet mask is correct that should be OK.  Just strange you can't ping various other IPs on the 63.x range that I picked at random and could ping...

Steve

router>ping www.google.com
Translating "www.google.com"...domain server (4.2.2.2) [OK]
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 66.102.7.104, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/6/8 ms

I will check subnet mask

What about the other two IP's or try various addresses in the 63.x range.   Does your router do trace route too?

Here is from router config
Serial0 is up, line protocol is up
  Hardware is HD64570 with FT1 CSU/DSU
  Internet address is 63.145.225.xxx  255.255.255.252

Thanks, that loojks fine. No other interfaces with a stray 63.x address I presume or similar entry in routing table?

Only two interfaces

Bizarre then!  Might be worth contacting your ISP to check if they can get to those IP ranges too in which case it would narrow it down to your router config.  If you don't mind posting your config. by email you'll find my email in my profile -- obviously strip out any passwords etc :-)

Although I am confuse because the ISP said subnet should be /27 so is 252 correct?

I guess /27 is the internal subnet

No if you are sure it is /27 then it should be 255.255.255.224 so maybe you can't get to a gateway it needs to...

ok dragon-it leep of faith I will mail config

crossed again :-)

the config has been sent thanks

dragon-it,
All those access-list deny entries are for spamming jerks that were trying to use the mail server.  No open relay, but still they try.

Hey dragon-it,
I need to go, but please let me know via email your thoughts and then we can post so as not to be rude to exchane community who are so helpful.

Not a Cisco expert but I don't see any issues in there unfortunately.  Think it may be time to talk to your ISP.  You could quickly turn off your anit-spam deny access group rule to see if somehow one of these is kicking in but I think not.

Have you tried a tracert from the router to se eif it is getting anywhere for those IP's.

Steve

no
but I will

Here is the traceroute for google and goldenone.  I think now it's obvious that they are not blocking me it's closer up the line somewhere.

Router#traceroute www.google.com
Translating "www.google.com"...domain server (4.2.2.2) [OK]

Type escape sequence to abort.
Tracing the route to www.l.google.com (66.102.7.99)

  1 svl-edge-12.inet.qwest.net (63.145.225.245) 4 msec 8 msec 4 msec
  2 svl-core-02.inet.qwest.net (205.171.14.129) 8 msec 4 msec 8 msec
  3 pax-edge-01.inet.qwest.net (205.171.214.34) 4 msec 4 msec 8 msec
  4 72.165.46.26 4 msec 8 msec 4 msec
  5 66.249.94.12 8 msec
    66.249.94.14 8 msec 12 msec
  6 66.249.94.226 4 msec
    66.249.94.227 8 msec 8 msec
  7  *  *  *
  8  *  *  *
  9 www.l.google.com (66.102.7.99) 8 msec 4 msec 4 msec
Router#traceroute www.goldenone.com

Type escape sequence to abort.
Tracing the route to goldenone.com (63.80.202.32)

  1  *  *  *
  2  *  *  *
  3  *  *  *
  4  *  *  *
yada yada yada
 30  *  *  *
Router#

To be honest, I don't give a @#$% about goldenone.com, but as I was explaining to my client how the network was fixed, he pulls this one out.  Plus this is a puzzle that will drive me crazy if I don't get to the bottom.

What is it about this website???!!!

The last time I spoke to qwest about our dns problems, they assured me that everything is great on there end.  I wish I had another client using qwest to see if they are the problem.  It makes me nuts that so many ISPs won't admit to fault.

It does seem you are not even hitting the default route.  I would suggest you go back to them armed with a copy of your config. file from the router and a link to this Q.  Think I've run out of ideas for now!

I am out of ideas on our end also, but dragon-it you helped me narrow it down, and I appreciate.  I will make sure you get   some points for the effort.  Take care,
Laura

No problem, sorry I couldn't solve the problem but keep plugging away at the ISP and get them to test.

Steve

It is no wonder that you can't contact www.goldenone.com.  They are offline as far as I can tell:

C:>ping www.goldenone.com

Pinging goldenone.com [63.80.202.32] with 32 bytes of data:

Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 63.80.202.32:
    Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

jhance,
They are NOT offline.  I can reach them from several other computers from different ISPs, but this is interesting.  You are having trouble also?

If I might ask jhance, who is your ISP.  The one that is having trouble is qwest.

Besides, jhance as you can see by the posts, it seems as though the failure to connect is very close to me in the path, which makes me suspect the ISP.

My ISP is Insight Broadband (insightbb.com) from here.  I believe they use Sprint as their backbone provider.

jhance, how far do you get with a tracert?  I can ping it from here in the UK from my PDA over t-mobile GPRS network?

06/21/06 07:52:16 Fast traceroute www.goldenone.com
Trace www.goldenone.com (63.80.202.32) ...
 1 XX.XX.XX.X       0ms    0ms    0ms  TTL:  0  (dhcp-xx-xx-xx-x.insightbb.com probable bogus rDNS: No DNS)
 2   No Response      *      *      *                
 3 74.132.0.157      8ms    7ms    7ms  TTL:  0  (No rDNS)
 4 74.132.0.93      11ms   11ms   10ms  TTL:  0  (No rDNS)
 5 74.128.8.105     18ms   11ms    9ms  TTL:  0  (No rDNS)
 6 4.78.214.21      31ms   35ms   31ms  TTL:  0  (so-3-1-0.gar2.atlanta1.level3.net ok)
 7 4.68.127.178     33ms   51ms   34ms  TTL:  0  (uunet-level3-oc48.atlanta1.level3.net ok)
 8 152.63.86.170    33ms   36ms   32ms  TTL:  0  (0.so-4-0-0.XL1.ATL4.ALTER.NET ok)
 9 152.63.53.249    97ms   98ms   97ms  TTL:  0  (0.so-7-0-0.xl1.sac1.alter.net ok)
10 152.63.53.238    96ms   97ms   96ms  TTL:  0  (0.so-3-0-0.XR1.SAC1.ALTER.NET ok)
11 152.63.51.77     97ms   96ms   97ms  TTL:  0  (185.atm7-0.gw1.sac1.alter.net ok)
12   No Response      *      *      *                
13   No Response      *      *      *                
14   No Response      *      *      *                
15   No Response      *      *      *                
16   No Response      *      *      *                
17   No Response      *      *      *                
18   No Response      *      *      *                
19   No Response      *      *      *                
20   No Response      *      *      *                
21   No Response      *      *      *                
22   No Response      *      *      *                
23   No Response      *      *      *                
24   No Response      *      *      *                
25   No Response      *      *      *                
26   No Response      *      *      *                
27   No Response      *      *      *                
28   No Response      *      *      *                
29   No Response      *      *      *                

I have posted tracerts, please take a look.

Best I can tell, the site www.goldone.com is OFFLINE.

Actually I now get "destination net not reachable" too from 63.80.202.32 (which is supposed to be the server IP ??!!)  so there are definetly routing issues with those IP ranges at the moment.

Steve

So........goldenone.com has problems?  Th e site is definitely ONLINE I can verify this as we speak by going to the site from various other computers.  wierd!  I don't know what to think now.  Maybe their pointers are wrong?

This is a tracert from another location.
Tracing route to goldenone.com [63.80.202.32]
over a maximum of 30 hops:

  1    <1 ms    <1 ms    <1 ms  172.11.1.1
  2     *        *        *     Request timed out.
  3     7 ms    31 ms    20 ms  GE-1-1-ur02.hayward.ca.sfba.comcast.net [68.87.1
96.145]
  4     9 ms     9 ms    11 ms  10g-8-2-ar01.oakland.ca.sfba.comcast.net [68.87.
192.90]
  5    14 ms    11 ms     9 ms  68.87.226.134
  6    51 ms    12 ms   214 ms  12.118.38.5
  7   115 ms     9 ms    10 ms  tbr1-p010802.sffca.ip.att.net [12.123.12.66]
  8   164 ms   116 ms   225 ms  ggr2-p300.sffca.ip.att.net [12.123.13.190]
  9   226 ms   262 ms   164 ms  att-gw.ashburn.eli.net [192.205.32.74]
 10   105 ms    12 ms    62 ms  0.so-2-0-0.XL2.SCL2.ALTER.NET [152.63.57.102]
 11   244 ms   194 ms    15 ms  0.so-7-0-0.XL2.SAC1.ALTER.NET [152.63.54.9]
 12    14 ms    14 ms   185 ms  0.so-3-0-0.XR2.SAC1.ALTER.NET [152.63.54.2]
 13    78 ms    25 ms   174 ms  184.ATM6-0.GW1.SAC1.ALTER.NET [152.63.51.81]
 14  golden1-gw.customer.alter.net [157.130.214.246]  reports: Destination net u
nreachable.

Trace complete.

If you use this public proxy 200.79.192.12 port 80, you can get to the goldenone.com website.

So that's it? No one has anything definite to add.  Please where is the problem?  Us, our ISP, or the website?
Thank you, I'm counting one of you brilliant network gurus.

Thanks for all the help Steve, I will try to ask ISP.  

No problem, sorry I couldn't help in the end as such.