Connection lost when going through a router

[tpulley]

Here is the scenario.
IP only network

Novell server on subnet 192.168.1.X. User can log in browse and pull up .pdf files fine from the Novell 5.X server. When trying to access from across a different subnet 172.16.1.X the user can browse and even click on the file, then he gets a connection lost. The user can immediately browse through that folder and even select another .pdf file but gets the same Connection lost/network lost.

The layout:

The 172.16.1.x goes through a firewall to access 192.168.1.x subnet. All ports are "supposed" to be open. I cannot verify this because I cannot see any errors in the log pointing to his machine etc. The allowed packets have not revealed anything wrong.

Any Ideas? Anyone know if Novell uses a specific IP port to open a file (oustide of browsing/filescanning)?

Thanks in advance

Terry

 

[TheLad]

Is file caching set to on? SET CLIENT FILE CACHING ENABLED is the set command. Try turning it off if it is. -----------------------------------------------------
"It's true, its damn true!"
-----------------------------------------------------

 

[tpulley]

Follow up:

The client had changed the settings to off. Still the problem resides. Here is the issue with more details.

The components are Watchguard and a soho box, Novell 5.X, 2000 server and 2000 pro. Everything has been patched to the most current. Client is on 4.83.

Issue:

Client can log onto the novell server and other servers (all servers are across the VPN via the soho). Client can browse through explorer and see files say in the r:\files\today folder. They try to click and open a file Easter.pdf and get a network connection is not found. They were just able to browse to it. I put a easter.txt in the same folder and they can open that up once. Then when they try opening it again it reports the same error as above.

I put a sniffer on the client side and can see traffic being generated from the client, and back from the novell server. Port 524, and 2746. I tried opening files on the NT servers I do not see this problem with them.

On the firewall I have a rule that says allow any traffic in and out to between them. The clients are set to log via IP.

any ideas are appreciated....

Terry

 

[creslan]

First of all, make sure to SET CLIENT FILE CACHING ENABLED = OFF at the server prompt (and put it in autoexec.ncf too, I think) - your response sounded like you are talking about the client settings.

Second: I had a sort-of similar problem. Long post...sorry...
This problem was a bit different, but it may be similar and might help someone who does something dumb like I did. I was and remain a little over my head in this area, so I apologize if this was a no-brainer or my terminology is a bit off (it's easier to describe with a picture). I have two NW5.1 SP3 file servers, about 20 Win2K workstations and a couple 98's, one location.

We have an internal network of 192.168.100.xxx addresses, including the first NIC on the main file server. This internal network resides on the LAN side of a simple Linksys router with a NAT firewall. The router has a static WAN IP address and is used as a gateway for internet access - it hides the internal addresses from the WAN side and won't allow access from the WAN - even if I set it to. In order to allow access to the server from the WAN (work from home) and to try to work around a timesync communication problem, I installed a second NIC in the server with a static IP. Since we have only one WAN link out of the building (DSL line), I connected the second server NIC and the router into a simple Linksys 5-port switch (not programmable) to connect both to the outside world. It didn't happen right away, but soon I began having users occasionally lose connections. I tried shutting off every form of caching, with no luck. It drove me crazy until I noticed (in Monitor) a few workstation connections were made to the WAN IP address of the router instead of to a 192.168.100.xxx address. After mulling this over for a while, I finally figured out that when workstations logged in while the first server NIC (the 192.168.100.xxx address) was busy, the request was also going out through the firewall, across the switch on the WAN side, and into the server on the second NIC - and making the connection that way. So LAN workstations were connecting over the WAN connection (through the NAT firewall) without ever leaving the building. No problem until a second workstation connected the same way. The server would have two workstation connections to the same IP address (the WAN address of the router), and the communication would fail intermittently because it did not know the true address of the workstation behind the NAT firewall. File saves would hang on the hourglass and the workstation would need a hard reboot. Monitor showed the connections, but communication to the workstations failed. Pretty obvious in hindsight.

The quick (and still current) solution was to pull the cable from the second NIC, since nobody was logging in from home anyway and I solved the timesync problem with the version in SP4. My plan for the long-term solution is to edit the NAT router's routing table to block traffic to and from the server's WAN IP address, thus forcing the workstation connections to be made through the 192.168.100.xxx NIC, even if it takes an extra half-second. I would like to hear any suggestions about this. I don't think this helps with your problem, but I thought I'd share it just in case since the firewall may be a key part of the problem.