# Gentoo Laptop blocked from corporate network?

## spidie

Hi Folks,

I have a fujitsu lifebook with Gentoo that I have been using as a 2nd PC at work on the corporate network for some time. Everything works great - and I especially like rsyncing all my docs from network so that I can read them while I'm away from work.

Anyway - everything worked until a few days ago, when I can now no longer get past the first hop on the network. I can contact any other machines on my subnet but nothing past that - it's almost like someone's set the router to block my poor old gentoo box or something.

I've tried changing MAC address (also then gets a different DHCP IP) and also using a static IP address, also tried using different network ports with same effect. I've even dual booted back into XP (for first time in ages) and that all works fine, so it's something specific to my gentoo install. My setup hasn't changed in this time - and routing table all looks fine.

I fired up ethereal and I can see the ARP request to the router - but nothing more after that.

Any ideas what else I can do to debug this? I can't really call our helpdesk as I shouldn't have the machine on the network anyway  :Smile: 

Many thanks in advance

Steve

----------

## edgar_leontr

What kind of router are on the network?

Are the network a self defending network?

----------

## mrv

Are you aware that you may lose your job if you act against corporate security policy?

 -mrv-

----------

## iamlarryboy

What does knoppix do?

----------

## ph03n1x

Already thought of changing your hostname?  :Wink: 

----------

## thecooptoo

have they changed the network  authentication ?

I use ntlmaps on a windows NW ( and the IT  dept know what im doing !)

----------

## ILuvSnakMachines

How did you configure ntlmaps? I can't find the server.cfg file after emerging it

----------

## ihad

Hi,

I'm wildly guessing here, but: Is it possible that you have ipv6 compiled as a module or compiled into the kernel? And that your gateway, the first hop has recently been reconfigured to drop any ipv6 packtets? If it is so, try to delete the ipv6 addresses from your interfaces or get rid of ipv6 support at all, and see if it works then. Otherwise I'm out of ideas...

Regards...

----------

## G.N.A.

I think you need to pay attention to the post above about losing your job.

If you aren't in IT (and own the network setup), make sure someone in IT knows what you are doing.

GNA

----------

## Suicidal

This sounds alot like Cisco Network Admission Control

----------

## spidie

It's a Cisco router - and it could be the security thing, they have been cracking down on viruses a fair bit lately. I don't have IPV6 in my kernel - so it's not that. I don't logon to the network at all - just use IP, and samba user auth to access a couple of drive shares.

Armed with this info (and my knoppix cd - hadn't thought of that!), I'll look take a closer look next time I'm at work, and post my progress.

I wouldn't lose my job, I work in IT in the development department so they aren't to strict with us on what goes on the network... you just do it at your own risk, and they offer NO SUPPORT if you have any problems - hence the reason I have to fix it myself.

Steve

----------

## asiobob

it could also be a TCP window sliding issue.

trying something like

```
echo 0 > /proc/sys/net/ipv4/tcp_default_win_scale 
```

----------

## wjholden

 *spidie wrote:*   

> It's a Cisco router - and it could be the security thing, they have been cracking down on viruses a fair bit lately.

 Hehe your department needs to embrace Linux then  :Wink: 

----------

## opensas

I think that ILuvSnakMachines wanted to know the location of the server.cfg file

/etc/ntlmaps/server.cfg

in ntlmaps 0.9.9

you also have a 

/etc/init.d/ntlmaps

script which calls

/usr/bin/ntlmaps

What I still couldn't find is the log file, cause I can't make it work.

So if anybody knows where I could find it, please let me know.

Saludos

Sas

----------

## wjholden

First off, your post is about a month late; it's good practice to pay close attention to timestamps  :Smile: 

To address your question;

 *opensas wrote:*   

> What I still couldn't find is the log file, cause I can't make it work.
> 
> So if anybody knows where I could find it, please let me know.

 

It should be somewhere in /var/log if it's using regular Metalog, but some developers choose to change things.  Maybe you've accidentally disabled logging?

----------

## opensas

Well, I ouldn´t find the log file, but I finnaly solved the thing

I just forgot to export the http_proxy variable (silly me  :Embarassed:  )

I tried with

```
export http_proxy="http://localhost:5865"
```

and it worked

saludos

sas

PS Sorry for my extemporaneous intervention, I just didn´t want to start a new thread if there was already a suitable one around there  :Wink: 

----------

