A Broadband and ADSL forum. BroadbanterBanter

Welcome to BroadbanterBanter.

You are currently viewing as a guest which gives you limited access to view most discussions and other FREE features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload your own photos and access many other special features. Registration is fast, simple and absolutely free so please, join our community today.

Go Back   Home » BroadbanterBanter forum » Newsgroup Discussions » uk.telecom.broadband (UK broadband)
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

uk.telecom.broadband (UK broadband) (uk.telecom.broadband) Discussion of broadband services, technology and equipment as provided in the UK. Discussions of specific services based on ADSL, cable modems or other broadband technology are also on-topic. Advertising is not allowed.

Netgear DG834G won't do https



 
 
Thread Tools Display Modes
  #1  
Old January 19th 05, 12:32 PM posted to uk.comp.os.linux,uk.telecom.broadband
Nigel Orr
external usenet poster
 
Posts: 2
Default Netgear DG834G won't do https

I've recently had broadband installed. I'm using a Netgear DG834G router,
with one ethernet connection active to test it, to a PC running RH9.

It does http just fine, but won't do https. I've tried various sites
(my bank, dabs.co.uk, grc.com), no joy. I've tried various browsers
(listed below), no joy...

I borrowed a Solwise router from work (not recommended for Linux, BTW,
couldn't talk to it using Opera, Firefox, or an old Netscape, just one
verion of Mozilla), and once set up it worked fine for http and https

Netgear support ran through the firewall settings, tried adding a specific
rule to pass ports 443-447, and every option of MTU from the supplied
1458 down to 900 in steps (1458,1400,1358 etc), no joy.

They then escalated my problem to the UK support people, who have said
"Set the MTU to 1400, that will fix it"...

I've got the original configuration, with two extra firewall rules, same
as the defaults in each direction, but set to log as well, and changed
the local IP range to 192.168.35.x from 192.168.0.x

If I request an https page, a packet goes out, nothing else appears in
the log, and the browser eventually times out.

Does anyone have any ideas on how to investigate or fix it?

Nigel
  #2  
Old January 19th 05, 12:54 PM posted to uk.telecom.broadband
Brian McIlwrath
external usenet poster
 
Posts: 352
Default Netgear DG834G won't do https

In uk.telecom.broadband Nigel Orr wrote:
: I've recently had broadband installed. I'm using a Netgear DG834G router,
: with one ethernet connection active to test it, to a PC running RH9.

: It does http just fine, but won't do https. I've tried various sites
: (my bank, dabs.co.uk, grc.com), no joy. I've tried various browsers
: (listed below), no joy...

I wish people would not make definitive statements like this! OF COURSE it
CAN do https!!! There would have been an huge outcry long before now
if it could not!
  #3  
Old January 19th 05, 01:49 PM posted to uk.telecom.broadband
Greg Hennessy
external usenet poster
 
Posts: 97
Default Netgear DG834G won't do https

On 19 Jan 2005 12:32:40 GMT, Nigel Orr
wrote:


If I request an https page, a packet goes out, nothing else appears in
the log, and the browser eventually times out.

Does anyone have any ideas on how to investigate or fix it?


Do a tcpdump on the interface and see if the 3 way handshake is being
completed.

use curl -I https://some.ssl.url/


to generate the traffic.



greg

--
Yeah - straight from the top of my dome
As I rock, rock, rock, rock, rock the microphone
  #4  
Old January 19th 05, 01:56 PM posted to uk.telecom.broadband
jon
external usenet poster
 
Posts: 8
Default Netgear DG834G won't do https


I've got the original configuration, with two extra firewall rules, same
as the defaults in each direction, but set to log as well, and changed
the local IP range to 192.168.35.x from 192.168.0.x



Suggest that you remove the additional "logging" rules that you
have added to the firewall config.

Adding an "allow all with logging added" rule
causes the same effect on my non G version of this router.

I struggled with this a while ago




  #5  
Old January 19th 05, 02:16 PM posted to uk.telecom.broadband
Rich Daley
external usenet poster
 
Posts: 1
Default Netgear DG834G won't do https

Nigel Orr writes:

I borrowed a Solwise router from work (not recommended for Linux, BTW,
couldn't talk to it using Opera, Firefox, or an old Netscape, just one
verion of Mozilla), and once set up it worked fine for http and https


Off topic, I know, but what does your router have to do with which
browser you use? All browsers send and receive the same rubbish down the
line at the end of the day. For that matter, I can't see what the router
has to do with the difference between http and https either... by the
time this information reaches the router it's all just TCP anyway. I
suppose if you had a firewall blocking OUTgoing connections on a
specific port you might have a problem, but imho firewalling traffic
going in that direction is a bit overkill for a home setup. I'm afraid
I'm not an expert in networky stuff so I can't really help you.

~ Rich

--
___
{o,o} ~ Rich http://owl.me.uk/
/) )
-"-"- Jabber:

  #6  
Old January 19th 05, 06:33 PM posted to uk.telecom.broadband
jon
external usenet poster
 
Posts: 8
Default Netgear DG834G won't do https


"David" wrote in message
...

"jon" wrote in message
...
I think I has better clarify my own response
as it's a bit misleading / wrong !

Adding the following rule to the firewall :

"Inbound - Block all - Logging enabled"

could be assumed to clone the default inbound rule and
just add logging.

Well, it dosent ( on mine at least )
It does, however, cause interesting side effects.
On my 834, one being the sudden failure of https connections...

The bottom line is don't ( visually ) clone the default firewall rules
and
just "add logging", because there are other side effects in doing this
....


Hi Jon,

Yes I have exactly the same experience (except on v1.03 firmware, which
treated the cloned the default rule with logging as you would expect it
to - ie. it worked). I'd assumed that this not working as expected was a
bug. However, the way you've phrased your post sounds like you might
understand why this doesn't do what you might expect - do you have further
information?

Thanks, David


I dont have any further info, really, other than a response from netgear
support
(to my query of this functionality) that stated ( in summary ) that
"You have introduced a new firewall rule to block inbound, so what is wrong
?"
In a perverse way, it sort of made sense, but then again....

I assumed that in attempting to clone the default rule ( in order to just
add logging) , I had unintentionally reconfigured the stateful
packet inspection firewall in such a way that affected certain ports numbers
(https, ftp for example). whereas standard web browsing (on port 80) still
worked fine. Very strange - to me at least...

Whether its a feature or a bug ? I really don't know

However, I must say that the router appears to log most, if not all,
unsolicited
inbound packets anyway, if you enable the
"Include in Log - Known DoS attacks and Port Scans"
in the "Logs" options page, so it's not really a problem to me.

It just can trip you up a bit, as you really don't expect certain services
to be blocked
when you think that all you have done is added logging

But this is a small aside on what has, for me, been a rock solid bit of
kit.....






  #7  
Old January 19th 05, 09:00 PM posted to uk.telecom.broadband
billium
external usenet poster
 
Posts: 1
Default Netgear DG834G won't do https

Nigel Orr wrote:

I've recently had broadband installed. I'm using a Netgear DG834G router,
with one ethernet connection active to test it, to a PC running RH9.

It does http just fine, but won't do https. I've tried various sites
(my bank, dabs.co.uk, grc.com), no joy. I've tried various browsers
(listed below), no joy...

I borrowed a Solwise router from work (not recommended for Linux, BTW,
couldn't talk to it using Opera, Firefox, or an old Netscape, just one
verion of Mozilla), and once set up it worked fine for http and https

Netgear support ran through the firewall settings, tried adding a specific
rule to pass ports 443-447, and every option of MTU from the supplied
1458 down to 900 in steps (1458,1400,1358 etc), no joy.

They then escalated my problem to the UK support people, who have said
"Set the MTU to 1400, that will fix it"...

I've got the original configuration, with two extra firewall rules, same
as the defaults in each direction, but set to log as well, and changed
the local IP range to 192.168.35.x from 192.168.0.x

If I request an https page, a packet goes out, nothing else appears in
the log, and the browser eventually times out.

Does anyone have any ideas on how to investigate or fix it?

Nigel

I had one of these routers (may be worth stating wether it is V2 or not) and
had no problems with secure connections. I assume you have tried various
firmware versions (downgrade and upgrade). I am on long reach and had many
problems with DNS errors, hence I gave it to somebody else on normal
broadband who has no problems. The cheapo Safecom routers from ebuyer are
good value and work well if you are on long reach.

The safecom is a good computer board if you need a StrongArm with
ethernet,serial, wireless, and usb for under £60. I'll have to see if I
can put my own firmware in it!

Billy

  #8  
Old January 19th 05, 10:03 PM posted to uk.telecom.broadband
Alan Fitch
external usenet poster
 
Posts: 1
Default Netgear DG834G won't do https

On Wed, 19 Jan 2005 12:32:40 +0000, Nigel Orr wrote:

I've recently had broadband installed. I'm using a Netgear DG834G router,
with one ethernet connection active to test it, to a PC running RH9.

It does http just fine, but won't do https. I've tried various sites
(my bank, dabs.co.uk, grc.com), no joy. I've tried various browsers
(listed below), no joy...

I borrowed a Solwise router from work (not recommended for Linux, BTW,
couldn't talk to it using Opera, Firefox, or an old Netscape, just one
verion of Mozilla), and once set up it worked fine for http and https

Netgear support ran through the firewall settings, tried adding a specific
rule to pass ports 443-447, and every option of MTU from the supplied
1458 down to 900 in steps (1458,1400,1358 etc), no joy.

They then escalated my problem to the UK support people, who have said
"Set the MTU to 1400, that will fix it"...

I've got the original configuration, with two extra firewall rules, same
as the defaults in each direction, but set to log as well, and changed
the local IP range to 192.168.35.x from 192.168.0.x

If I request an https page, a packet goes out, nothing else appears in
the log, and the browser eventually times out.

Does anyone have any ideas on how to investigate or fix it?

Nigel


I've got a netgear dg834g and it's working fine. The only problem I had
was getting the VPN to work working - and guess what, I had to change the
MTU to fix it! That was on the pptpconfig program I was using - the eth0
MTU is still set to 1500.

I didn't have to do anything to the firewall, just leave it on NAT, no
extra firewall rules.

Have you got any proxying set up in your browser? I am using Firefox, and
just set it up with "Direct Connection to the Internet", no proxy set.

All I did apart from that was set up eth0 to use DHCP, obtain DNS from
DHCP, and "it all just worked".

On the router, I set it up with NAT. I upgraded the firmware to 1.0.5,
because it seemed like a good idea :-)

The MTU is set to 1458 in the WAN setup page - I can't remember if I
changed it, of if that was the default.

I turned on UPnP because it made bittorrent clients work without setting
up a firewall rule, but everything was working before I put that on.

I have a static IP address, and have disabled Dynamic DNS. I hope this
helps,

regards
Alan


--
Alan Fitch
reverse these words: org dot ieee at apfitch

  #9  
Old January 19th 05, 10:56 PM posted to uk.telecom.broadband
Mick Bernatek
external usenet poster
 
Posts: 1
Default Netgear DG834G won't do https

Nigel Orr wrote:

I've recently had broadband installed. I'm using a Netgear DG834G router,
with one ethernet connection active to test it, to a PC running RH9.

It does http just fine, but won't do https. I've tried various sites
(my bank, dabs.co.uk, grc.com), no joy. I've tried various browsers
(listed below), no joy...

I borrowed a Solwise router from work (not recommended for Linux, BTW,
couldn't talk to it using Opera, Firefox, or an old Netscape, just one
verion of Mozilla), and once set up it worked fine for http and https

Netgear support ran through the firewall settings, tried adding a specific
rule to pass ports 443-447, and every option of MTU from the supplied
1458 down to 900 in steps (1458,1400,1358 etc), no joy.

They then escalated my problem to the UK support people, who have said
"Set the MTU to 1400, that will fix it"...

I've got the original configuration, with two extra firewall rules, same
as the defaults in each direction, but set to log as well, and changed
the local IP range to 192.168.35.x from 192.168.0.x

If I request an https page, a packet goes out, nothing else appears in
the log, and the browser eventually times out.

Does anyone have any ideas on how to investigate or fix it?

Nigel


AFAIK setting the MTU to 1400 for https to fix the problem is specific to
the combination of this router and AOL if they are your broadband ISP.
Certainly fixed the problem for an AOL using colleague of mine who has the
same kit and had the same symptoms as yourself.

Don't know if the same may apply to other ISPs.

MickB

  #10  
Old January 20th 05, 12:25 PM posted to uk.telecom.broadband
Nigel Orr
external usenet poster
 
Posts: 2
Default Netgear DG834G won't do https

In article , David wrote:

"Nigel Orr" wrote in message
...

It does http just fine, but won't do https. I've tried various sites
(my bank, dabs.co.uk, grc.com), no joy. I've tried various browsers
(listed below), no joy...


I thought that I made it clear from the above that I realised it was the
router configuration, not the router, that I suspected was at fault. It's
not the only DG834 I use, and I know they _can_ do https!

I borrowed a Solwise router from work (not recommended for Linux, BTW,
couldn't talk to it using Opera, Firefox, or an old Netscape, just one
verion of Mozilla), and once set up it worked fine for http and https


Yes, I do mean the configuration interface was very browser-fussy. Model
number was SAR106 IIRC, it came with our work plus.net connection, and
was quickly replaced with a netgear there- now I know why :-)

They then escalated my problem to the UK support people, who have said
"Set the MTU to 1400, that will fix it"...


And, as it turns out, they were right, but I told them about my extra
firewall rules and they reassured me they would be fine.

If you running firmware 1.03 then I think you might need to remove the
logging version of the default rules. I added a "copy" of the default rules
(except with logging enabled) on my DG834G's when I first had them (at v1.03
firmware) and they worked fine. However, for whatever reason when upgraded
to higher firmware versions this causes unexpected problems (I know not
why).


Absolutely right- thanks David and Jon for the answer. The problem had
originally been because MTU was set to 1458, then I had added the extra
rules to try to figure it out- https works perfectly now, with MTU set
to 1400 and the extra rules removed.

Nice to know that even with an almost 1:1 helpful:troll ratio uk.t.b
can come up with the goods :-)

Thanks for the helpful responses,

Nigel
 




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
BA: Netgear DG834G for £45 Andy Pandy uk.telecom.broadband (UK broadband) 16 December 27th 04 04:01 AM
Can't VPN using Netgear DG834G Peter Harding uk.telecom.broadband (UK broadband) 8 November 7th 04 09:49 AM
Netgear DG834G Scooby Doo uk.telecom.broadband (UK broadband) 9 January 6th 04 02:11 AM
Netgear DG834G Steve uk.telecom.broadband (UK broadband) 0 December 9th 03 12:45 PM


All times are GMT +1. The time now is 07:43 AM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.Content Relevant URLs by vBSEO 2.4.0
Copyright ©2004-2019 BroadbanterBanter.
The comments are property of their posters.