ScreenOS Firewalls (NOT SRX)
Blogs
Discussion Forums
Programs & Events
turn on suggestions Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Reply
Topic Options
issn
Contributor
issn
Posts: 25
Registered: ‎03-16-2009
0

cannot access a particular website

Options

‎08-03-2010 12:23 AM

hi,

  I have a SSG20 in our office network .The internet is also access by the device SSG20.

 But while trying to access the particular website(www.iss-nepal.com)  ,it fails.

          What may be the reason behind this?

 Thankyou.

Message 1 of 7 (6,012 Views)
 
Reply
Trusted Expert Trusted Expert
Trusted Expert
Automate
Posts: 784
Registered: ‎11-01-2007
0

Re: cannot access a particular website

Options

‎08-03-2010 08:41 AM

The typical reason for this is the MTU on the path is smaller than what the website expects. If you set path-mtu, this should fix the problem:

 

SSG20> set flow path-mtu

SSG20> save

However, if the remote admin has blocked or otherwise disabled ICMP, this will not correct the problem.
HTH,

-Keith

Message 2 of 7 (6,000 Views)
 
Reply
issn
Contributor
issn
Posts: 25
Registered: ‎03-16-2009
0

Re: cannot access a particular website

Options

‎08-04-2010 12:33 AM

Hi,

  Thanks for the reply.I tried  with the MTU command but it still not working.

 Can broswe all the sites except  the one   (www.iss-nepal.com).

        Thank you.

Message 3 of 7 (5,988 Views)
 
Reply
Distinguished Expert
Distinguished Expert
echidov
Posts: 833
Registered: ‎11-02-2009
0

Re: cannot access a particular website

Options

‎08-04-2010 12:42 AM

Hi,

 

You can also try to configure a custom service with TCP-80, add a separate policy for this destination and select Application "Ignore" in the policy.

 

Kind regards,

Edouard

 

 

Kind regards,
Edouard
Message 4 of 7 (5,986 Views)
 
Reply
issn
Contributor
issn
Posts: 25
Registered: ‎03-16-2009
0

Re: cannot access a particular website

Options

‎08-07-2010 10:23 PM

hi Edouard

Thank for the reply. I also tried by creating a separate policy with the customize service and Application "Ignore".But it still not working .

    Any other  suggestion please?

 

 Thank you.

Message 5 of 7 (5,925 Views)
 
Reply
Distinguished Expert
Distinguished Expert
echidov
Posts: 833
Registered: ‎11-02-2009
0

Re: cannot access a particular website

Options

‎08-09-2010 12:47 AM

Hi!

 

This seems to be a fragmentation issue. PMTU option does not always solve the problem. If a router on the distance does not correctly handle fragmentation and there are additional overheads in the packet size due to specific transport media (PPPoE, sattelite, GPRS etc), many packets may be dropped. Try to tune tcp-mss as described in KB6346.

 

Kind regards,

Edouard

Kind regards,
Edouard
Message 6 of 7 (5,904 Views)
 
Reply
Ayush
Contributor
Ayush
Posts: 30
Registered: ‎02-21-2009
0

Re: cannot access a particular website

Options

‎08-17-2010 02:38 AM

The problem isnt solved yet. I have tried all these. Plase suggest.

Ayush Subedi
Message 7 of 7 (5,767 Views)
 
Reply
Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.