Hyper-v traffic being routed to perimeter firewall and subsequently blocked.

I have a two-node Server 2012 R2 Hyper-V cluster built from SCVMM 2012 R2. I have created a virtual switch that is bound to a LBFO team (8 x 1GB NICs) on each host. Logical Networks are all defined with different VLAN IDs and subnets. I have created different vNICs for the parent nodes for different cluster networks as follows:
Management: 10.226.208.128/26 (VLAN 100) - this is the only NIC with a default gateway.
Live-Migration: 172.16.2.128/26 (VLAN660)
Cluster-CSV: 172.16.3.128/26 (VLAN661)
Each of the host vNICs that are connected to the virtual switch has a VLAN ID defined.
However I am seeing some strange behaviour with cluster network traffic being blocked by our perimeter hardware firewall as follows:
100: access-list ACL109 denied tcp DMZ/10.226.208.188(62786) -> LAN/172.16.3.133(3343) hit-cnt 1 first hit [0xba094209, 0x0]
(Here I would expect the TCP 3343 traffic to go from 10.226.208.188 directly to 10.226.208.187 or from 172.16.3.134 to 172.16.3.133).
HYPERVHOST1
vEthernet (Management: 10.226.208.187)
vEthernet (Live-Migration: 172.16.2.133)
vEthernet (Cluster-CSV: 172.16.3.133)
HYPERVHOST2
vEthernet (Management: 10.226.208.188)
vEthernet (Live-Migration: 172.16.2.134)
vEthernet (Cluster-CSV: 172.16.3.134)
Any ideas what I am missing here?
Microsoft Partner

Thanks for the reply,
I can confirm port 3389 was listening on all IPv4 addresses:
Image                    PID   Address           Port  Protocol  Firewall Status
svchost.exe (termsvcs)   4852  IPv6 unspecified  3389  TCP       Allowed, restricted
svchost.exe (termsvcs)   4852  IPv4 unspecified  3389  TCP       Allowed, restricted
svchost.exe (termsvcs)   4852  IPv6 unspecified  3389  UDP       Allowed, restricted
svchost.exe (termsvcs)   4852  IPv4 unspecified  3389  UDP       Allowed, restricted
As recommended I have disabled dynamic DNS registration on the Cluster-CSV and Live-Migration NICs on both hosts and rebooted them. Unfortunately I still see traffic from the management network destined for the Cluster-CSV and Live-Migration networks denied on our firewall:
access-list ACL109 denied tcp DMZ/10.226.208.188(52316) -> LAN/172.16.2.133(445) hit-cnt 1 first hit [0xba094209, 0x0]
Any ideas?
Microsoft Partner
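The two deny lines quoted above share one pattern: the destination port is a cluster port (3343 for the cluster service, 445 for SMB) and the destination address sits on a cluster-only subnet, yet the source address is the management vNIC, the only interface with a default gateway. A host that sources such a packet from the wrong interface sends it to its gateway, and the perimeter firewall is simply the first device that notices. The following is an added example, not code from this thread or from Microsoft; it parses ACL deny lines in the format shown above against the subnets and host addresses listed in the question and reports, for each denied cluster flow, which address the sending host should have used instead. The third log line is constructed for contrast and the network and host names are taken as given in the posts.

```python
import ipaddress
import re
from typing import Optional

# Constructed sample in the ASA access-list syslog style quoted in the thread:
# the two denies from the posts, plus one made-up intra-subnet line for contrast.
SAMPLE_LOG = """\
access-list ACL109 denied tcp DMZ/10.226.208.188(62786) -> LAN/172.16.3.133(3343) hit-cnt 1 first hit [0xba094209, 0x0]
access-list ACL109 denied tcp DMZ/10.226.208.188(52316) -> LAN/172.16.2.133(445) hit-cnt 1 first hit [0xba094209, 0x0]
access-list ACL109 denied udp DMZ/10.226.208.188(3343) -> LAN/10.226.208.187(3343) hit-cnt 1 first hit [0xba094209, 0x0]
"""

# Cluster networks and host vNIC addresses exactly as listed in the question.
CLUSTER_NETWORKS = {
    "Management": ipaddress.ip_network("10.226.208.128/26"),
    "Live-Migration": ipaddress.ip_network("172.16.2.128/26"),
    "Cluster-CSV": ipaddress.ip_network("172.16.3.128/26"),
}
HOSTS = {
    "HYPERVHOST1": {"Management": "10.226.208.187",
                    "Live-Migration": "172.16.2.133", "Cluster-CSV": "172.16.3.133"},
    "HYPERVHOST2": {"Management": "10.226.208.188",
                    "Live-Migration": "172.16.2.134", "Cluster-CSV": "172.16.3.134"},
}

# Destination ports seen in the denies: 3343 is the Failover Cluster service,
# 445 is SMB (used by CSV redirected I/O and SMB-based live migration).
CLUSTER_PORTS = {3343: "cluster-service", 445: "smb"}

ACL_DENY = re.compile(
    r"access-list (?P<acl>\S+) denied (?P<proto>tcp|udp) "
    r"(?P<src_zone>[^/\s]+)/(?P<src>[\d.]+)\((?P<sport>\d+)\) -> "
    r"(?P<dst_zone>[^/\s]+)/(?P<dst>[\d.]+)\((?P<dport>\d+)\)"
)


def network_of(ip: str) -> Optional[str]:
    """Name of the cluster network containing ip, or None if outside all of them."""
    addr = ipaddress.ip_address(ip)
    for name, net in CLUSTER_NETWORKS.items():
        if addr in net:
            return name
    return None


def host_of(ip: str) -> Optional[str]:
    """Which cluster node owns this address, if any."""
    for name, addrs in HOSTS.items():
        if ip in addrs.values():
            return name
    return None


def parse_deny(line: str) -> Optional[dict]:
    """Extract the 5-tuple from one access-list deny line; None for other lines."""
    m = ACL_DENY.search(line)
    if not m:
        return None
    entry = m.groupdict()
    entry["sport"] = int(entry["sport"])
    entry["dport"] = int(entry["dport"])
    return entry


def classify(entry: dict) -> dict:
    """Decide whether a denied flow is cluster traffic that left the wrong network."""
    src_net = network_of(entry["src"])
    dst_net = network_of(entry["dst"])
    role = CLUSTER_PORTS.get(entry["dport"])
    host = host_of(entry["src"])
    expected_src = None
    if role is None:
        verdict = "not-cluster-traffic"
    elif src_net is None or dst_net is None:
        verdict = "unknown-network"
    elif src_net != dst_net:
        # The sender owns an address on the destination's network but sourced
        # the packet from another vNIC, so it left via the management gateway
        # and reached the perimeter firewall instead of staying on its VLAN.
        verdict = "cross-network"
        if host is not None:
            expected_src = HOSTS[host].get(dst_net)
    else:
        # Both ends on one /26: the firewall should never see this at all,
        # so check the host's subnet mask and the VLAN path for that network.
        verdict = "same-network"
    return {**entry, "src_network": src_net, "dst_network": dst_net,
            "role": role, "host": host, "expected_src": expected_src,
            "verdict": verdict}


def analyze(log_text: str) -> list:
    """Parse and classify every deny line in a block of syslog text."""
    findings = []
    for line in log_text.splitlines():
        entry = parse_deny(line)
        if entry is not None:
            findings.append(classify(entry))
    return findings


if __name__ == "__main__":
    for f in analyze(SAMPLE_LOG):
        print(f"{f['verdict']:<18} {f['host']} {f['src']} -> {f['dst']}:{f['dport']} "
              f"({f['role']}, expected source {f['expected_src']})")
```

For the first quoted deny the checker reports a cross-network verdict from HYPERVHOST2 with expected source 172.16.3.134, which is exactly the path the question says should have been taken. A cross-network verdict is a host-side finding, not a firewall one: the place to look next is the sending node's IPv4 routing table and interface metrics for the Cluster-CSV and Live-Migration vNICs, because a connected route for 172.16.3.128/26 should win over the management default route for that destination. Feeding the tool a longer export of the firewall's denies shows whether every offending flow comes from one node, which narrows the fault to that host's vNIC configuration.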

Similar Messages

  • Why is my traffic being routed through China

    While connecting to a voice server located in Europe, I realised that I have a ping of 300 where I previously got around 20ms or less.
    So I did a traceroute; it turns out my traffic is being routed through China, to Cyprus and then to Europe. For what purpose?
    traceroute to ts109.light-speed.com (216.127.64.68), 30 hops max, 60 byte packets
    1 192.168.1.254 (192.168.1.254) 0.573 ms 0.760 ms 0.957 ms
    2 213.120.155.226 (213.120.155.226) 8.748 ms 8.480 ms 9.688 ms
    3 213.120.155.158 (213.120.155.158) 10.892 ms 11.330 ms 12.163 ms
    4 host109-159-245-114.range109-159.btcentralplus.com (109.159.245.114) 14.495 ms 14.859 ms 15.933 ms
    5 31.55.164.221 (31.55.164.221) 16.301 ms 17.112 ms 17.982 ms
    6 31.55.164.109 (31.55.164.109) 18.316 ms 9.854 ms 10.631 ms
    7 acc2-10GigE-0-2-0-6.bm.21cn-ipp.bt.net (109.159.248.236) 14.412 ms acc2-10GigE-0-3-0-7.bm.21cn-ipp.bt.net (109.159.248.246) 9.506 ms acc2-10GigE-0-2-0-6.bm.21cn-ipp.bt.net (109.159.248.236) 13.672 ms
    8 109.159.248.48 (109.159.248.48) 20.637 ms 109.159.252.206 (109.159.252.206) 21.238 ms 109.159.248.132 (109.159.248.132) 20.103 ms
    9 peer2-xe-4-3-0.telehouse.ukcore.bt.net (109.159.252.53) 21.590 ms peer2-xe10-1-0.telehouse.ukcore.bt.net (109.159.254.116) 18.727 ms peer2-xe0-0-0.telehouse.ukcore.bt.net (109.159.254.102) 22.750 ms
    10 t2c3-xe-0-1-2-0.uk-lon1.eu.bt.net (166.49.211.166) 20.753 ms 21.500 ms t2c3-xe-0-2-2-0.uk-lon1.eu.bt.net (166.49.211.174) 25.339 ms
    11 i-0-4-0-7-peer.ulco-core02.pr.telstraglobal.net (134.159.95.25) 23.243 ms 27.041 ms 18.730 ms
    12 i-0-5-1-3.istt-core02.bx.telstraglobal.net (202.84.249.234) 202.289 ms 198.248 ms i-0-0-4-3.istt-core02.bx.telstraglobal.net (202.84.249.2) 230.943 ms
    13 i-0-4-0-3.skdi-core01.bi.telstraglobal.net (202.84.219.185) 213.259 ms 225.674 ms 225.800 ms
    14 i-0-2-0-8.hkth-core01.bx.telstraglobal.net (202.84.141.137) 261.573 ms i-0-2-0-5.hkth-core01.bx.telstraglobal.net (202.84.141.141) 249.423 ms i-0-2-0-8.hkth-core01.bx.telstraglobal.net (202.84.141.137) 261.567 ms
    15 i-0-0-0-3.hkth12.bi.telstraglobal.net (202.84.153.182) 247.201 ms i-0-0-0-2.hkth12.bi.telstraglobal.net (202.84.153.178) 260.094 ms 247.396 ms
    16 unknown.telstraglobal.net (134.159.100.98) 280.081 ms 278.679 ms 279.570 ms
    17 ae6.dar01.hkg02.networklayer.com (50.97.19.33) 280.926 ms 268.843 ms 282.005 ms
    18 119.81.138.139-static.reverse.softlayer.com (119.81.138.139) 277.294 ms 119.81.138.131-static.reverse.softlayer.com (119.81.138.131) 279.524 ms 119.81.138.139-static.reverse.softlayer.com (119.81.138.139) 267.113 ms
    19 xe1.cr1.hkg01.light-speed.com (119.81.152.250) 290.360 ms 291.142 ms 277.008 ms
    20 * * *
    21 * * *
    22 * * *
    23 * * *
    24 * * *
    25 * * *
    26 * * *
    27 * * *
    28 * * *
    29 * * *
    30 * * *
    Here's a screenshot of a traceroute done only a few months ago
    Same origin, same destination, only 270MS less latency.
    I have been forced through this dumb route for a couple weeks now, why?
    EDIT: Should point out, it's only when connecting to this server, all other routes are fine

    light-speed/teamspeak clearly have a complex infrastructure, which probably does some form of dynamic server allocation.
    Maybe they have moved their server addresses around and you still have a fixed reference to a server that was appropriate but is not any longer, and if you reset your application it would reassign you to a different one.
    This demonstrates they have a complex infrastructure with nodes in various places: doesn't show exactly what it is or how to deal with it.
    When I do tracert ts109.light-speed.com it comes back with Tracing route to ts109.teamspeak3.com [216.127.64.68]
    ping light-speed.com  gives 23 ms
    ping teamspeak3.com  gives 304 ms
    ping ts115.light-speed.com
    Pinging ts115.teamspeak3.com [94.101.84.61] with 32 bytes of data:
    Reply from 94.101.84.61: bytes=32 time=112ms TTL=41    <<< not as helpful as 23, but better than nearly 300

  • Replacing BM on NW with the ISP firewall and NAT

    Replacing BM on NW with the ISP firewall and NAT
    Hi!
    LAN is a tree with 3 servers:
    1. NW 6.5 sp8 + BorderManager 3.9 sp 2
    2. NOWS SBE 2.5 (Suse) - DNS\DHCP
    3. NOWS SBE 2.0 (Suse)
    Since I'm connected to the internet through my ISP router (XBOX - Checkpoint), I am considering removing the first server (firewall) and asking my ISP to configure the router as a firewall and NAT too.
    What are the steps needed to do it without any damage?
    TIA
    Nanu

    nanu,
    It appears that in the past few days you have not received a response to your
    posting. That concerns us, and has triggered this automated reply.
    Has your problem been resolved? If not, you might try one of the following options:
    - Visit http://support.novell.com and search the knowledgebase and/or check all
    the other self support options and support programs available.
    - You could also try posting your message again. Make sure it is posted in the
    correct newsgroup. (http://forums.novell.com)
    Be sure to read the forum FAQ about what to expect in the way of responses:
    http://forums.novell.com/faq.php
    If this is a reply to a duplicate posting, please ignore and accept our apologies
    and rest assured we will issue a stern reprimand to our posting bot.
    Good luck!
    Your Novell Product Support Forums Team
    http://forums.novell.com/

  • Download connections don't close after I cancel the download; they stay open as if I were still downloading and only close when I disable the network adapter or reset the router or the firewall

    Download connections don't close after I cancel the download; they stay open as if I were still downloading and only close when I disable the network adapter or reset the router or the firewall.
    I use pfSense as my firewall and see the traffic not resetting to zero when I cancel a download.
    Also, IE doesn't have this problem. When I cancel the download the traffic drops to zero.

    And this problem seems to be system-wide, since I created a new user and the problem still exists under it.
    Hope apple will look into it

  • Routing issue on firewall

    Hi All,
    As per the attached network diagram I have 2 firewalls connected to an L3 switch. Since a specific route is present already I am not able to route the same specific route to the other firewall.
    PBR cannot be done in ASA. So how can I fix this issue?

    Hello Ravindra,
    Where did you set the specific route?
    Where are you trying to go ? To which network? is it behind both ASAs?
    Please be more specific,
    Regards,
    Hey remember to rate all of the helpful posts, as important as a thanks (keep us motivated)

  • TCP/UDP Ports and site used by FEP to download updates - needed to allow on perimeter firewall

    Can some one point me with information like what TCP/UDP ports are utilized by FEP and what DNS / site Name it uses to download FEP Updates. This is needed to tighten perimeter FireWall policies
    Thank you

    It should be the same as the documentation for all Software Updates:
    https://technet.microsoft.com/en-us/library/bcf8ed65-3bea-4bec-8bc5-22d9e54f5a6d#BKMK_ConfigureFirewalls
    Make sure to expand the "restrict access to specific domains" section to see the update related URLs.

  • Firewall and wireless router

    I have searched everywhere and I can't find the answer. How does my firewall setting in any computer on my wireless network affect what can go through my router (wrt54g)? Specifically, I have a wvc54gc camera that I can't connect to from outside of my network. All of the forums say that maybe my firewall settings are not letting me connect to my camera. I am using dyndns and they say that everything on their end is working fine. I am confused because when my computer is shut down, there is no firewall anywhere. Thanks in advance.

    Your camera connects directly to your router.   Any software firewall on any of the computers on your LAN will have no effect on the camera.
    It is conceivable that firewall settings on the computer that is trying to connect to your camera from the Internet, might be blocking your camera's signal.  To test for this, simply disable the firewall in the computer that is trying to connect to your camera from the Internet (note: be sure to use a router when you do this).
    To access your camera from a computer on the Internet, you will need to assign it a fixed LAN IP address, and a port, and you will need to forward that port to the camera.
    The first thing that I noticed is that the default LAN IP address of the camera is 192.168.1.115.   This is very odd, because this is an illegal fixed LAN IP address on almost all Linksys routers.  Normally a fixed LAN IP address must be outside the DHCP server range.  In the camera setup pages, set the camera to use a fixed (static) LAN IP address (not a DHCP address), and set that address to 192.168.1.15.  (If camera setup asks, set "Subnet Mask" to 255.255.255.0 , and set "Default Gateway"  to 192.168.1.1 , and set "DNS server" to 192.168.1.1  (I assume that this is the address of your WRT54G)).   (Note:  If this still does not work, try setting the "DNS server" to your true Internet DNS address, which can be found in the WRT54G)
    Next, you need to assign the camera a port.  This needs to be assigned both in the router and in the cameras setup pages.  I am uncertain as to what port to advise you to use.   However, in the router, use "Port Forwarding", and forward that port to the 192.168.1.15 address.  Also, in the camera setup pages, you will need to tell the camera that it is using that same port.
    Hope this helps.

  • IE Traffic being forced to tunnel via port 443

    I have a Windows 2008 R2 server that has been in production for over 2 years. It is a Hyper-V host running five 2008 R2 guests. Everything was running fine until a couple of weeks ago when I installed the latest HP firmware and drivers.
    Since then, Internet Explorer cannot open any website except www.google.com. After uninstalling IE9 and then installing IE10 there was no change. I've scanned the server with Malwarebytes and HijackThis. No problems found. I reset IE and reset the TCP/IP stack. No change. I removed McAfee AV and I'm now able to access Google and one other site. I then installed Fiddler and looked at what is happening, and it appears that most websites are trying to tunnel using port 443 rather than using the typical port 80. I'm not sure how to interpret this. I know name resolution is working and I can ping the sites I'm trying to reach. If I go to a standard site, say www.yahoo.com, the IE window stays blank, but if I go to Tools/View Source it appears I'm looking at the HTML from the target site. Below is a summary of the Fiddler output when I tried to go to yahoo.com. Any help is greatly appreciated as I am all out of ideas.
    Thanks,
    Joe
    #  Result  Protocol  Host                               URL                              Body  Caching   Content-Type               Process
    1  301     HTTP      fiddler2.com                       /UpdateCheck.aspx?isBeta=False   0     no-cache                             fiddler:4916
    2  200     HTTP      www.telerik.com                    /updatecheck.aspx?isBeta=False   620   private   text/plain; charset=utf-8  fiddler:4916
    3  301     HTTP      www.yahoo.com                      /                                212   no-store  text/html                  iexplore:728
    4  200     HTTP      Tunnel to www.yahoo.com:443                                         0                                          iexplore:728
    5  -       HTTP      crl.geotrust.com                   /crls/secureca.crl               -1                                         iexplore:728
    6  200     HTTP      Tunnel to www.yahoo.com:443                                         0                                          iexplore:728
    7  200     HTTP      Tunnel to iecvlist.microsoft.com:443                                0                                          iexplore:5104

    Found that the problem was somewhere in the Windows firewall. Although I had stopped the firewall service during testing, something remained hooked in. Another attempt at shutting off the firewall and then starting it again seems to have resolved the problem. This makes no sense but I'm not arguing with the results. Thanks everyone for your help.

  • How to configure listener across firewall and router

    I am trying a test to see if the following scenario will work and I am looking for insight because I am not getting anywhere fast....
    I have a computer on an internal network running Oracle 9iR2. This computer has a web server exposed through a router/firewall with port 80 open. I want to open port 1521 and make the Oracle listener available to someone outside my network. The client only has internet access through their ISP. Basically it would be like hitting the web server over the internet. I am not sure if it is possible to use SQL*Plus to connect to a database server using the name of the router (www.company.com) and have the Oracle database available.

    I have serious doubts that this will work. This should definitely work. But this question is more related to networking than DBA.
    So this action (and also the analysis) must be done by somebody who is responsible for (and understands) routing and firewall administration.
    This "networking person" (credited as somebody before) must prevent unauthorized access to your DB and also prevent sniffing (for example, your 3rd parties will be connected via an IPsec connection).

  • Traffic re-routing problem on M25

    Hi,
    I have an N8 on Anna; when I use the traffic option in Drive it routes me around M25 junction 18 as it seems to think the motorway is blocked. The map has a black line on it and the no-entry icon. The motorway is not blocked; if I drive on, the route is re-calculated and I find no blockage.
    It has been like this for a few days now, I connected to my PC and found 3.08 release and updated my maps, but the problem still exists.
    Help!
    Thanks
    Stephen

    If by "re-route" you mean an HTTP redirect is occurring, then that would most likely be either your script or a mod_rewrite rule doing that. You should look at the transactions and your logs carefully.

  • With OSX firewall and firewall on router, do you really need Netbarrier?

    With the native firewall and what the router provides do you really need to spend the extra money. I understand the need for anti virus but... do you really need something like Netbarrier from Intego?

    I agree with Roam, but if you are still in doubt, check these out...
    ClamXAV, free Virus scanner...
    http://www.clamxav.com/
    Little Snitch, stops/alerts outgoing stuff...
    http://www.obdev.at/products/littlesnitch/index.html
    HenWen/Snort combo, that is a free MAJOR Firewall...
    http://seiryu.home.comcast.net/henwen.html
    Then the venerable old Brickhouse/Flying Buttress Firewall...
    http://personalpages.tds.net/~brian_hill/downloads.html
    WaterRoof is a firewall management frontend with bandwidth tuning, NAT setup, port redirection, dynamic rules tracking, predefined rule sets, wizard, logs, statistics and other features.
    http://www.macupdate.com/info.php/id/23317

  • Multicast traffic is being flooded on IGMP snooping enabled switch

    I have two devices connected to the same switch. S streams video using multicast; H doesn't send a join request, but the multicast is being sent to H anyway, in fact it is being flooded. Both hosts are in the same VLAN.
    Distribution-1#show ver | in WS
    cisco WS-C2960-24TT-L (PowerPC405) processor (revision E0) with 65536K bytes of memory.
    Model number                    : WS-C2960-24TT-L
    *    1 26    WS-C2960-24TT-L    15.0(1)SE2            C2960-LANBASEK9-M

    Duplicate post.
    Go here:  https://supportforums.cisco.com/discussion/12218811/multicast-trafficis-being-flooded-igmp-snooping-enabled-switch

  • Difference between Firewall and Router

    I can do VPN remote access configuration by using a Cisco firewall, and I can also do it using a Cisco router with the SDM program, so what are the benefits of using the firewall, or are they all the same?
    I mean, is it recommended to use the firewall? If yes, why?

    Answer-
    1) WE can make Security-Level on Firewall,but router can't
    2) We can make firewall in multiple context(Virtual Firewall) but router can't
    3) We can create SSL VPN on Firewall,but router can't
    4) Whenever a packet inspected by Firewall and another packet comes with same contents then firewall didn't check that packet,
      but router checks all packets.(show connections)
    5) Firewall works as L2 and L3 both, but router only on L3.
    6) Firewall inspects packets on L3 to L7 but router works on L3.
    7) Firewall have Failover,router can't
    8) Whenever we take a trace, the firewall does not come into the picture, but a router always shows as a hop.

  • 5940 Router firewall and IDS

    Currently the 5940 Router has the capability to support a firewall and IDS as part of its IOS features.  
    Rumor has it that Cisco is planning to remove that IOS firewall/IDS capabilities in the future. The reason of this discussion is to confirm that rumor and also to discuss why Cisco would want to discontinue the Firewall and IDS features from the 5940 Router IOS . I would like to know if Cisco plans to remove the firewall/IDS capabilities from the router IOS in the future. Please comment.

    Since the majority of us are NOT Cisco employees, your best source of such information would be your Security PSE.

  • Is there a firewall that can block an application?

    I'm looking for a firewall that can block applications.
    The firewalls for linux that I've found using google and also the one I'm using now can not block an application. There used to be an option for iptables (-m owner --cmd-owner programname), but since kernel 2.6.14 they've removed this option for iptables.

    eric, when you say you want to block applications, do you mean you want to block some of your applications getting out, or illicit use of ports for someone to get in?
    If it's the latter, it may be that the firewall rules regarding "accepted, related, established" cover this: when you make rules, whichever firewall application you use, you can drop any incoming connections that aren't following the state matches in your ruleset.
    If you are concerned about ports being open to accept certain programs' data, go to www.grc.com and use Shields Up to check. It's a long while since I used any of this as I have a hardware firewall/router now, so apologies for the lack of detail.
    iptables/netfilter help here
