• Status: Open
  • Priority: Low
  • Security: Public
  • Views: 66
  • Last Modified:

http is not working on our network only https works

We have 120 users on network with cyberoam ( 50 ING ) firewall  configured , from last 2 weeks we had issues like http websites not resolving getting error could not reach . But on other ISP it works fine.

Environment :
Cyberoam 50 ING Firewall with BSNL ISP configured  ....connected to Unmanaged switches
Internal AD integrated with DNS Server windows 2012 r2
All server + clients having primary dns server is windows server local IP address

But if do the nslookup domain name then it resolves fine but on browser it stucks. But sometime it works fine too.

ipconfig / flushdns
ipconfig / release
ipconfig / renew
ipconfig / registerdns
Winsock reset
Antivirus scan + malware scan , after malware scan it works for sometime and again it stucks. some of PC having the malware or spyware which blocks the http 80

everything did but http is not working . Only remains the Cyberoam Firewall firmware upgrade and restart of Windows 2012 server.

Please assist me to resolve this issue on urgent basis

Regards,
Vijay Kadadi
0
kadadi_v
Asked:
kadadi_v
3 Comments
 
Andy MIT Systems ManagerCommented:
I would start by checking firewall logs - see if there's anything there indicating a block on port 80. Worth checking your outgoing tcp firewall rule to ensure port 80 is still enabled and allowed.

You could also run wireshark to see what's happening to the port 80 requests.

To rule out DNS issues (though your nslookup works so I don't believe this would be the case) set static dns on one of the affected machines to use something like google (8.8.8.8, 8.8.4.4) or opendns (208.67.222.222, 208.67.220.220).
1
 
masnrockCommented:
What do your filtering policies look like on the Cyberoam?
0
 
William MillerInventory/IT ConsultantCommented:
If this is specifically on HTTP (Port 80), this sounds like a filtering issue. Like the other two experts here have alluded to, you'll want to check the hardware firewall to make sure Port 80 isn't being blocked. It's a common practice to keep people off of sites considered insecure. It's just another step some companies will take to steer their employees away from going to places they're not supposed to go.
1

Join & Write a Comment

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now