Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Only microsoft websites won't load...?

Posted on 2008-11-06
12
Medium Priority
?
1,421 Views
Last Modified: 2008-11-17
I have just set up a new internet connection using a cisco 2600 router and hp 2626 switch.  I am using 802.11q between them to provide public and private address ranges on the 2626 switch.

Everything is working great except that Microsoft websites won't load on client computers in either IP address range.  IE finds the site and just sits there loading forever.  I have tried a myriad of other sites and they all work perfectly.

I am really stumped because I can't see any difference between Microsoft site traffic and any other site.

Any ideas?  Is this my VLANs, NAT, ISP...  Really strange.  I haven't set up any ACLs yet, is this the problem?


//Sites that won't load
 
microsoft.com
msn.com
hotmail.com
 
//Sites that will load
 
yahoo.com
google.com
hardocp.com
boingboing.net
live.com
many, many others...

Open in new window

0
Comment
Question by:ctarbet
12 Comments
 
LVL 15

Expert Comment

by:bkepford
ID: 22900242
Are you using the router as a pppoe client? I had something weird like that happen before.
0
 

Author Comment

by:ctarbet
ID: 22900489
Yeah!  Did you ever fix it?

I have a Dialer interface setup for the PPPoE
0
 

Author Comment

by:ctarbet
ID: 22900505
I have found that myspace.com doesn't work either.  It says "website found" then just sits there loading forever.

So what do myspace.com and microsoft.com have in common?
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 15

Expert Comment

by:bkepford
ID: 22900542
For some reason you are not getting DNS resolution for part of the Internet. I never did figure out why. I ended up putting the PPPoE back on the DSL modem and then everything worked.
0
 

Author Comment

by:ctarbet
ID: 22900940
At least that's an idea to look at.  I can attempt to ping microsoft.com and it will get an IP for it but will never get a reply...

I will check my DNS config
0
 
LVL 22

Expert Comment

by:orangutang
ID: 22901677
Also, try
ipconfig /release
ipconfig /renew
ipconfig /flushdns
0
 
LVL 5

Expert Comment

by:rexxus
ID: 22901711
One other thing to check would be your hosts file and see if something has put an entry in it for the websites you can't reach
0
 
LVL 15

Expert Comment

by:bkepford
ID: 22908200
May not have been DNS it was a while back but I remember getting an error along that line. You know it just seems to me that it would have to be a provider issue. What do you control that would limit your connectivity to half the internet if you aren't using ACLs? I talked to tech after tech at AT&T and they agreed but never got a good answer that is why I went back.
 
0
 

Author Comment

by:ctarbet
ID: 22934054
So it can't be DNS because I can get addresses for the sites with a ping or nslookup.  I installed flash and shockwave and pulled up some games and youtube movies and everything works except those sites.

I installed limewire because I have been trying to block that anyway and it connected like a charm and started downloading just fine.

I have tried on three computers: my personal vista laptop, my work xp laptop, my xp test lab.

I turned off my VLAN setup and went directly from router to dumb switch to PC.  Nothing.
//Sites that won't load
 
microsoft.com
msn.com
hotmail.com
myspace.com
mail.live.com
 
//Sites that will load
 
yahoo.com
google.com
hardocp.com
boingboing.net
live.com
facebook.com
youtube.com
adobe.com (flash install)
limewire program 
shockwave.com games
...

Open in new window

0
 

Author Comment

by:ctarbet
ID: 22934081
This is my router config.  Is my NAT set up correctly?  It seems to work...
Router#show run
Building configuration...
 
Current configuration : 1663 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
enable secret 5 xx
!
no aaa new-model
ip subnet-zero
!
!
ip cef
ip domain name ISPDOMAINNAME
ip name-server DNS1
ip name-server DNS2
vpdn enable
!
vpdn-group 1
 request-dialin
  protocol pppoe
!
!
username xx password 7 xx
!
!
!
!
interface FastEthernet0/0
 no ip address
 speed auto
 full-duplex
 pppoe enable
 pppoe-client dial-pool-number 1
!
interface Serial0/0
 no ip address
 shutdown
!
interface FastEthernet0/1
 no ip address
 speed auto
 full-duplex
!
interface FastEthernet0/1.1
 encapsulation dot1Q 2
 ip address PUBLICIP 255.255.255.248
!
interface FastEthernet0/1.2
 encapsulation dot1Q 3
 ip address 192.168.22.1 255.255.255.0
 ip nat inside
!
interface Serial0/1
 no ip address
 shutdown
!
interface Dialer1
 ip address negotiated
 ip mtu 1492
 ip nat outside
 encapsulation ppp
 no ip mroute-cache
 dialer pool 1
 dialer-group 1
 ppp authentication pap callin
 ppp pap sent-username xx password 7 xx
!
ip nat inside source list NAT-Private interface Dialer1 overload
ip http server
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
!
!
ip access-list extended NAT-Private
 permit ip 192.168.22.0 0.0.0.255 any
!
!
!
line con 0
 session-timeout 30
 password 7 xx
 logging synchronous
 login
 speed 115200
line aux 0
 password 7 xx
 login
line vty 0 4
 password 7 xx
 login
line vty 5 181
 password 7 xx
 login
!
end

Open in new window

0
 
LVL 15

Assisted Solution

by:bkepford
bkepford earned 1000 total points
ID: 22939603
NAT looks good. Have you tried hooking s PC direclty up to your DSL modem with a pppoe client? Just to make sure that it is your Cisco device and not a provider issue?
0
 

Accepted Solution

by:
ctarbet earned 0 total points
ID: 22940547
I did that last night.  I removed VLANs, removed NAT, and finally just removed the router.  That worked.

So it WAS something with the router, but what?  Turns out it was an MTU problem.  Apparently, this is a common issue with PPPoE because of the added header information that pushes the packet size above the standard MTU.

You can see that I have set "ip mtu 1492" as per my ISPs instructions, supposedly to prevent this very issue, but it wasn't taking effect at layer 2.  I understand all that, but I don't understand the fix very well.  I had to add "ip tcp adjust-mss 1400".  I guess this command does the same thing, only at layer 4.

PPPoE clients are SUPPOSED to have all these settings pushed to them from the server, but that wasn't happening properly.

Thanks for all your help.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you have done a reformat of your hard drive and proceeded to do a successful Windows XP installation, you may notice that a choice between two operating systems when you start up the machine. Here is how to get rid of this: Click Start Clic…
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question