Buy or Renew
Buy or Renew
NOTICE: The community will be in READ-ONLY Sept. 6 – 9 to add Umbrella release notes and announcements. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1990
Views
0
Helpful
5
Replies

Unable to Route or access .mil websites

l-mathews
Level 1
Level 1

‎03-24-2004 02:13 PM - edited ‎03-02-2019 02:32 PM

Does anyone have experiencing with routing to .mil websites http://www.navair.navy.mil

It appears that certain hosts on our network

cannot access or hit the .mil websites

These hosts all have IPs, that in a classful routing

domain, would be valid network(addresses)boundaries and broadcast addresses. Our network is a classless

routing domain

For example:

10.1.38.0

10.2.38.255

The real public IPs have been replace with 1918 addresses

I am wondering if this is the problem with routing

to these websites or is it just a matter

of .mil websites blocking a few of our blocks of ips

due to an abusive user sourced from our network.

Any thoughts ??

Labels:
0 Helpful
5 Replies 5

blazesod
Level 1
Level 1

‎03-25-2004 02:33 AM

Hi I-mathews,

Before we go any further, can the host(s) access other .mil sites. There may be a specific access-list blocking (shun) your users. The military and any other security minded companies will prevent certain traffic from entering their network (RFC 2827). Obviously ensure your outside IP addresses are not private and do not belong to someone else like the Navy.

Another consideration, are you running PAT? Some applications do not work through a PAT-ed network because they are port specific.

If that doesn't help or you would just like help troubleshooting send me an email.

blazesod@hotmail.com

R/S

Dave

0 Helpful

l-mathews
Level 1
Level 1
In response to blazesod

‎03-25-2004 01:51 PM

Its all .mil websites (army, nayv, airforce..etc)

I dont think its an access-list, because there

are other hosts on our network that can hit that site

The hosts that can hit it are on a different block

however,the ones that can't are not off the same network block either

As far as applications;these users are just using a web browser. These host claim that if they use dailup

and/or another ISP they can get to it

The thing thats common is the IPs that cannot route

are all valid network/broadcast address in a classful

routing domain (which I think the .mil websites may

be running..for legacy servers). Our network and hosts are in a classless routing domain. This is my

theory. The webmaster for .mil has not replied to our

query. Let me know if my theory holds water..

I dont think that the .mil websites would be denying

an entire network block??

0 Helpful

l-mathews
Level 1
Level 1
In response to l-mathews

‎03-25-2004 01:54 PM

These ips are just examples

of the ones that are getting block. I did not want

to post real public ips that we assign to our customers

But the IPs that can't get routed end it a .0, .255.

so its

x.x.x.0

x.x.x.255

0 Helpful

vinodmorsa
Level 1
Level 1

‎03-25-2004 09:16 PM

Hi,

I have also observed the same. We have 2 diff connections to the internet, i am able to access the website through one connection only. This should have something to do with the security settings on the webserver of the .mil sites.

Regards,

Vinod

0 Helpful

l-mathews
Level 1
Level 1
In response to vinodmorsa

‎03-28-2004 02:47 PM

Do you mean having more than one upstream provider?

What have you done to work around this issue?

Any ideas for a workaround. navy.mil has not responded to our query

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card