No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

USG5150BSR can't visit one web site

Publication Date:  2012-09-12 Views:  359 Downloads:  0
Issue Description
PC-firewall-web server of external network
PC in the internal network can visit all the website except the http://www.qljiayou.com/, the session exists in the firewall.
Alarm Information
none
Handling Process
1 Change the value of firewall tcp-mss, still can’t work
2 Change multi-address of public network, problem as the old
3 ip address for http://www.qljiayou.com/ is 202.110.216.125
Check the interface
interface GigabitEthernet0/0/3
ip address 202.110.216.163 255.255.255.0
ip address 202.110.216.162 255.255.255.0 sub
Two addresses are in the same network segment. Because the same LAN, when we visit the 202.110.216.125, it will not send to the gateway external.
So the visit can’t work.
change the subnet mask as:
interface GigabitEthernet0/0/3
ip address 202.110.216.163 255.255.255.128
ip address 202.110.216.162 255.255.255.128 sub
Problem solved.

Root Cause
1 TCP fragment Message has problem
2 Ip address has problem. May be this public network ip address is limited by the server
3 Subnet mask  has problem
Suggestions
none

END