[c-nsp] Sftp Hanging Cisco 3660 (HSRP active)

Daljit Singh daljit.singh at myway.in
Mon Apr 18 01:09:39 EDT 2011


Hi, 

 

I have found the problem and fixes. 

 

Actually the (deny ip any any dscp 2 command at the out interface) was
giving the trouble which I have run few weeks ago to policing the
streaming website.

 

Thanks to all for the support.

 

Regards

Singh

 

From: harbor235 [mailto:harbor235 at gmail.com] 
Sent: Friday, April 15, 2011 8:39 PM
To: Daljit Singh
Subject: Re: [c-nsp] Sftp Hanging Cisco 3660 (HSRP active)

 

The MTU issue would be end to end, source to destination and back.

 

Is there a firewall or router filtering ICMP ? If the source cannot
perform

PMTUD via ICMP then intermediate devices will not be able to fragment.

 

mike

On Fri, Apr 15, 2011 at 6:03 AM, Daljit Singh <daljit.singh at myway.in>
wrote:

HI,

MTU is 1500 on both devices.

Regards
Daljit Singh

-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of harbor235
Sent: Thursday, April 14, 2011 10:35 PM
To: Bunny Singh
Cc: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] Sftp Hanging Cisco 3660 (HSRP active)

Sounds like an mtu issue.

mike

On Thu, Apr 14, 2011 at 12:48 PM, Bunny Singh <jump2fly82 at yahoo.com>
wrote:

>
>
>
>        I'm having a problem with incoming SfTP hanging.  I can see the
>
> initial handshake occuring but directory listing not coming and giving
> timeout, Users trying access our sftp server from public, I am getting
the
> possitive resulting by running (using 'telnet <servername> 22'). But
when i
> try to connect sftp from command prompt or through Filezilla then i am
> getting time out and no directory showing. This is happening only when
my
> 3660 is a active hsrp router, and same sftp service will work fine
when my
> 4948 is active hsrp router.
>
> Actually I'm running two cisco devices (One is  3660 & second is 4948
with
> BGP peering with 2 ISPs. we are running HSRP. I have web servers
behind
> these routers and they seem to be behaving just fine.  I'm at a loss
as to
> what could be causing this problem.  I've put known good sftp server
on the
> same network and had the same issue with it as well.  When I trying to
> connect through our native network ,it works fine, no delay after the
> initial handshake.   Any ideas as to what could be causing this or
what I
> should look at?
>
>
> Regards
> Singh
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Disclaimer:

This e-mail & attachment(s) within it are for sole use of intended
recipient(s) & may contain confidential & privileged information. If you
are not the intended recipient, please intimate the sender by replying
to this email & destroy all copies & the original message. Any
unauthorized review, use, disclosure, dissemination, forwarding,
printing or copying of this email or any action taken in reliance on
this e-mail is strictly prohibited & unlawful. The recipient
acknowledges that COMPANY , its subsidiaries, associated companies or
persons authorized by it (collectively "THE Group"), are unable to
exercise control, ensure, guarantee the integrity of/over the contents
of the information contained in e-mail transmissions & further
acknowledges that any views expressed in this message are those of the
individual sender & no binding nature of the message shall be implied or
assumed unless the sender does so expressly with due authority of THE
Group.

 


Disclaimer:

This e-mail & attachment(s) within it are for sole use of intended recipient(s) & may contain confidential & privileged information. If you are not the intended recipient, please intimate the sender by replying to this email & destroy all copies & the original message. Any unauthorized review, use, disclosure, dissemination, forwarding, printing or copying of this email or any action taken in reliance on this e-mail is strictly prohibited & unlawful. The recipient acknowledges that COMPANY , its subsidiaries, associated companies or persons authorized by it (collectively "THE Group"), are unable to exercise control, ensure, guarantee the integrity of/over the contents of the information contained in e-mail transmissions & further acknowledges that any views expressed in this message are those of the individual sender & no binding nature of the message shall be implied or assumed unless the sender does so expressly with due authority of THE Group.



More information about the cisco-nsp mailing list