Solved

Twitter.com will not display in browser

Posted on 2011-02-23
4
628 Views
Last Modified: 2012-05-11
This issue has been killing me.  I am working on a network where Twitter.com will not display in a web browser anywhere inside the network.  I can ping it, I can tracert to it, but I cannot view it on port 80.  This will be a long post since I've tried a lot of things and seem to have narrowed the issue a bit.

Environment:  Corporate network with a Sonicwall Pro 2040 and a Cisco router.  Router seems to be a non-issue in this case because when I plug a laptop directly into the router (same port the firewall plugs into) twitter.com works correctly.  The issue seems to be with the Sonicwall.  DNS is using Google's servers as forwarders, no strange entries there.  No AV or web filtering in effect on the LAN or WAN interfaces and nothing explicit that I can find in the Sonicwall config that would affect this.

Testing:  I tested a number of connections to Twitter.com from inside the network and outside.  Here is what I found:

Outside the network:  When I ping twitter.com and www.twitter.com, I get a random address from Twitter's block.  If I take any of those addresses and enter them in a browser, they resolve to twitter.com and the page loads.

Inside the network:  When I ping www.twitter.com, I get a random address from Twitter's block.  If I take any of those addresses and enter them in a browser, I get the generic 'cannot display the webpage' error.  However, I can ping and tracert to all of the addresses.  This makes me think the issue is with http (port 80) traffic only.  Attempting to telnet to twitter.com on port 80 seems to confirm this- it does nothing.    The odd piece is this: when I ping twitter.com, as opposed to www.twitter.com, I get the same address every time.  It's a valid Twitter address, but it does not resolve to their domain name.  If I put it in a browser, it maintains its IP address as the URL name and the site works.  This particular IP address behaves the same way outside the network- if I enter it in my browser at home, it will not resolve, it will simply display Twitter.com's website using the IP address as the URL.  

We then tried putting in a custom host entry so that a computer would use the IP address that actually works as the destination for www.twitter.com.  Putting that in the browser again resulted in 'cannot display the webpage'.  We changed the host entry to point cnn.com to the same Twitter IP address and it resolves to the Twitter site and displays it.

So my mystery at this point is this:  What could be filtering out any port 80 traffic to twitter.com (apparently based on the domain name)? Also, why do they get the same IP address every time they ping twitter.com when every other computer we test this on gets a random one?
0
Comment
Question by:Joel-LogicNet
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
4 Comments
 
LVL 33

Accepted Solution

by:
digitap earned 500 total points
ID: 34962484
try this and report back the results.

Log in to the firewall, then go to https://firewallip/diag.html,
go to  Internal Settings.
Scoll down to a checkbox labeled Enforce Host Tag Search with for CFS
uncheck it
scroll up and hit Apply
Then Close button on the bottom left.
0
 
LVL 33

Expert Comment

by:digitap
ID: 34962493
if that's the issue, here's a KB explaining it:

https://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=3582
0
 
LVL 1

Author Comment

by:Joel-LogicNet
ID: 34962747
Good recommendation, but that wasn't the issue.  It did point me in the right direction though- I finally found the solution in the logs with mention of IPS and IM.  After doing some reading, it turns out that IPS was enabled on the WAN and IM traffic was being blocked.  Apparently Twitter's website gets grouped into IM traffic.  It didn't stick out at me before because 1) the IP address it was blocking was not the twitter.com address that DNS was reporting (that whole twitter.com vs www.twitter.com issue) and 2) I was looking for an explicit mention of Twitter versus a group restriction.  We turned off IM filtering in the IPS settings on the Sonicwall and we're up and running.
0
 
LVL 33

Expert Comment

by:digitap
ID: 34963469
excellent! good information and thx for the pts!
0

Featured Post

Save the day with this special offer from ATEN!

Save 30% on the CV211 using promo code EXPERTS30 now through April 30th. The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Possible RST Flood on IF X0 Sonicwall 6 2,427
Fortigate Question 5 29
SSG50 Firewall Rules 17 50
VLAN Question 7 47
Article by: rfc1180
The Maximum Segment size (MSS) is an important consideration when troubleshooting connectivity via the Internet/Intranet. As the packets are routed via the Internet/Intranet, the packets must traverse through multiple routers in the path between two…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question