Problem solved! Our firewall is blocking ranges of incoming ports that just happens to incidentally work (usually, but not always) for windows.
Too see your settings, type sysctl net.ipv4.ip_local_port_range The default is 32768 61000, and so my system had been picking incoming ports for SSH and CVS responses around 32768 initially and our firewall here was blocking that. So the solution for me is to change the ip_local_port_range: A temporary fix: sysctl -w net.ipv4.ip_local_port_range="50001 61000" Fix it permanently in /etc/sysctl.conf : net.ipv4.ip_local_port_range = 50001 61000 The symptoms of this problem are: can't connect using CVS, SSH, POP email, and can't get to the secure checkout page of an online retailer. If you have this problem you should probably play around with sysctl to find the proper range for your system on your network. Examining your Windows system may mislead you as it may be not be set totally correctly, and seem to work _most_ of the time but occasionally fail when it exceeds the firewall's range. "Just reboot" they said! Argh! Thanks to Adam and John for all their help. I hope they don't feel like they're valuable time was wasted on me. On Fri, 31 Dec 2004 19:42:41 -0500, Adam Aube <[EMAIL PROTECTED]> wrote: > Norman Davis wrote: > > On Thu, 30 Dec 2004 19:32:22 -0500, Adam Aube <[EMAIL PROTECTED]> wrote: > > >> What kernel are you using? > > > Linux version 2.4.27-1-386 ([EMAIL PROTECTED]) (gcc > > version 3.3.5 (Debian 1:3.3.5-2)) #1 Wed Dec 1 19:43:08 JST 2004 > > >>Post the output of the following command: > >> head -v `ls /proc/sys/net/ipv4/tcp*` > > > Currently I'm at home using dialup. I'm assuming these will be the > > same as when I have this laptop at work on the network there: > > The only setting that might be an issue is this: > > > ==> /proc/sys/net/ipv4/tcp_default_win_scale <== > > 0 > > Try setting it to 1 or 2 and see if that fixes the problem. Don't set it too > high - that can cause problems as well. > > Beyond that, the only thing I can suggest is using tcpdump or ethereal to > capture packets during a connection attempt. > > Adam > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
