MWeb proxies

[groenie]

Hi

Does anyone know if the following hosts are MWeb transparent proxies for their ADLS customers?
proxy.pel.mweb.co.za
pta-proxy.mweb.co.za

Our firewall (fw-1) keeps on dropping http packets from them saying TCP packet out of state, so it seems the stateful inspection isn't happy. The site is a B2B site and the customers with ADSL are complaining that they cannot use it properly.

Any idea what's wrong?

Groenie

 

[joema]

now i am no fw-1 expert, but i know enough to be dangerous.

the "out of state" makes me think that it is receiving ACK's before the initial SYN.
Any chance of asymetrical routing?

Also if the fw-1 is running on a *nix box, perhaps use tcpdump to have a look at the traffic, maybe you will be able to see what tcp headers you are receiving from the ADSL guys.

Sorry if i havent been of much help

 

[groenie]

I also think there is asymetrical routing involved, based on the fact that telkom is busy setting up some kind of adsl vpn solution for our clients. Maybe this is the source of the problem.

Unfortunately fw-1 is running on win2k. I would have been running Linux & iptables if it had been up to me

 

[joema]

well, how many "internet" links do you have coming into the company?
also are you multi-homed, especially with mweb?
also are you doing load-balancing with 2 fw-1's?