Strange web access problem

[Chris]

Archived from groups: alt.comp.periphs.mainboard.asus (More info?)

Hi there,

I am seeing a strange problem with my system:

Asus K8NE deluxe
Windows XP home and Windows XP 64, xp firewall disabled
Mozilla 1.7 / Firefox / IE

With the Nvidia motherboard firewall enabled (even on low setting), I
get the error message "operation timed out when attempting to
contact..." with certain websites, eg:

www.tesco.com
www.dabs.com
www.insight.com

If I turn the Nvidia firewall off, I can access the websites no problem.
I assume I need to create a rule in the firewall to allow something
through, but am not sure what? There are no entries in the firewall log,
but the information tab shows that some outgoing packets are being blocked.

All I can think to do is install ethereal and try and spot which packets
are getting stopped.

Can anyone suggest an easier option (other than turning off the firewall ?)

Cheers,

Chris.


--
cut along the dotted line to reply

 

[Paul]

Archived from groups: alt.comp.periphs.mainboard.asus (More info?)

In article <41b0ab55$0$9359$ed2619ec@ptn-nntp-reader02.plus.net>, Chris
<chris@chrisangalongthedottedline.free-online.co.uk> wrote:

> Hi there,
>
> I am seeing a strange problem with my system:
>
> Asus K8NE deluxe
> Windows XP home and Windows XP 64, xp firewall disabled
> Mozilla 1.7 / Firefox / IE
>
> With the Nvidia motherboard firewall enabled (even on low setting), I
> get the error message "operation timed out when attempting to
> contact..." with certain websites, eg:
>
> www.tesco.com
> www.dabs.com
> www.insight.com
>
> If I turn the Nvidia firewall off, I can access the websites no problem.
> I assume I need to create a rule in the firewall to allow something
> through, but am not sure what? There are no entries in the firewall log,
> but the information tab shows that some outgoing packets are being blocked.
>
> All I can think to do is install ethereal and try and spot which packets
> are getting stopped.
>
> Can anyone suggest an easier option (other than turning off the firewall ?)
>
> Cheers,
>
> Chris.

Port number assignments are listed here:
http://www.iana.org/assignments/port-numbers

Port 80 is used to http and port 443 is used for https.

Probably better to use an interface to the firewall, that
filters based on application type, as all the ports for
secure or non-secure browser operation could be opened
with one operation in the interface.

There might be a web page somewhere, that groups the port
numbers by application.

This page hints at the nature of the problem. Any URL that
uses an explicitly set port like 8000 or 8080, is going to
be stopped by your firewall. In the old days, people using
custom port numbers for web servers was common, but that
of course, makes programming a firewall an unscalable task.

http://www.firetower.com/faqs/proxies/httpd/ports-other.html

Is there an interface in the Nvidia software, to make setting
up the firewall, as a function of application type ? Like
selecting "browser" turns on 80 and 443 ?

Paul

 

[Chris]

Archived from groups: alt.comp.periphs.mainboard.asus (More info?)

Paul wrote:
>
> Port number assignments are listed here:
> http://www.iana.org/assignments/port-numbers
>
> Port 80 is used to http and port 443 is used for https.
>
> Probably better to use an interface to the firewall, that
> filters based on application type, as all the ports for
> secure or non-secure browser operation could be opened
> with one operation in the interface.
>
> There might be a web page somewhere, that groups the port
> numbers by application.
>
> This page hints at the nature of the problem. Any URL that
> uses an explicitly set port like 8000 or 8080, is going to
> be stopped by your firewall. In the old days, people using
> custom port numbers for web servers was common, but that
> of course, makes programming a firewall an unscalable task.
>
> http://www.firetower.com/faqs/proxies/httpd/ports-other.html
>
> Is there an interface in the Nvidia software, to make setting
> up the firewall, as a function of application type ? Like
> selecting "browser" turns on 80 and 443 ?
>
> Paul

Hi Paul,

Thanks for the response. There are wizards to setup different access (eg
web browser) but using them hasn't helped. The puzzle is that I have
only come across 3 maybe 4 websites that I can't access in the 3+ months
I have had this motherboard - everything else (non secure, secure,
plugins etc) has worked fine.

I have run ethereal with firewall on and firewall off and can't really
spot any difference (except for the fact that I can access the problem
websites when it is off) - the only thing is some packet checksum errors
which I guess might cause the packet to be blocked?

Cheers,

Chris

--
cut along the dotted line to reply

 

[Chris]

Archived from groups: alt.comp.periphs.mainboard.asus (More info?)

Paul wrote:
>
> In your position, I would either play with the MTU or
> the black hole detection in the Registry. In any case,
> plenty of Googling ahead for you Hope you can
> reach Google ))
>
> Perhaps someone in a networking newsgroup could help ?
>
> Paul

Hi Paul,

Thanks again for your help. MTU settings all seem to be at default. All
the problem websites have checksum erors (maybe just a coincidence) on
packets outgoing from my pc but I haven't seen a setting to prevent
these being blocked by the firewall (if they are being blocked).

Interestingly, one website that used to be a problem was
www.richersounds.com. The website has been redesigned, and now I can
access it.

Time to ask in one of the networking newsgroups (now that I have
hopefully established it's not something blindingly obvious).

Cheers,

Chris.

--
cut along the dotted line to reply

 

[Guest]

Archived from groups: alt.comp.periphs.mainboard.asus (More info?)

Hello,

On Fri, 03 Dec 2004 18:07:17 +0000, Chris
<chris@chrisangalongthedottedline.free-online.co.uk> wrote:

>Hi there,
>
>I am seeing a strange problem with my system:
>
>Asus K8NE deluxe
>Windows XP home and Windows XP 64, xp firewall disabled
>Mozilla 1.7 / Firefox / IE
>
>With the Nvidia motherboard firewall enabled (even on low setting), I
>get the error message "operation timed out when attempting to
>contact..." with certain websites, eg:
>
>www.tesco.com
>www.dabs.com
>www.insight.com
>
>If I turn the Nvidia firewall off, I can access the websites no problem.
>I assume I need to create a rule in the firewall to allow something
>through, but am not sure what? There are no entries in the firewall log,
>but the information tab shows that some outgoing packets are being blocked.
>
>All I can think to do is install ethereal and try and spot which packets
>are getting stopped.
>
>Can anyone suggest an easier option (other than turning off the firewall ?)
>
>Cheers,
>
>Chris.
>
>
>--
Does your Nvidia firewall include a popup killer?
It seems that some sites cannot be accessed with a popup killer in
function.
Does your firewall include a blacklist with forbidden sites?
Then take a look at that blacklist.

Max M.