Communication administratively filtered error

August 9, 2012 at 19:47:26
Specs: Windows XP
I have 2 different network topology - network A and network B
Both of them are connecting to the same gateway (a firewall) to the net.
they're using the same range of public IP pool to NAT the private IPs.
in shorts, all setup is almost the same except the devices' brand between A and B.

I have no problem to access the webpage using network A. But whenever I attach the same laptop to network B, the same page won't display at all.

I've done wiresharking to network B and the result shows "ICMP destination unreacheable (Communication administratively filtered)" which reported by unknown device (suspected to be the webpage's gateway).

Anyone ever facing this kind of problem?appreciate if you can share with me.thank you


See More: Communication administratively filtered error

Report •

#1
August 10, 2012 at 07:22:10
So what are your two topologies?

Network A = token ring
Network B = bus

or maybe it's:

Network A = star
Network B = token ring

I ask because the issue you're having could be caused by the use of different topologies and the abilities of the gateway device between the two topologies.

When you say, "I have no problem to access the webpage" do you mean an internal webpage or an external webpage out on the internet?

Do you have LAN communication between both networks?

It matters not how straight the gate,
How charged with punishments the scroll,
I am the master of my fate;
I am the captain of my soul.

***William Henley***


Report •

#2
August 10, 2012 at 07:38:07
I think i need to rephrase the statement.

Network A is using cisco product and network B is using non-cisco. I used the same firewall to NAT both network to access the Internet. Now I have a problem to access a webpage from Singapore via network B only which replied "communication administratively filtered" by Singapore's IP. However, I don't received this error whilst accessing the same page via network A.

sorry for confusing.


Report •

#3
August 10, 2012 at 10:29:37
I think i need to rephrase the statement.

That's what I figured too.

I used the same firewall to NAT both network to access the Internet

So if I have this straight, in one location, you have two physically separate networks that are logically the same (ie: both in the same subnet), each connecting to it's own network appliance which in turn both connect to one NAT device. Is this correct?

Just for the sake of being clear, please detail your setup a little better for me. Include make/model of the devices involved so I know what we're dealing with here.

Other things I'd like to know:
- Are the two networks able to communicate with each other properly?
- Are the two networks able to surf to other identical websites without issue?
- In the case of the error, does it happen on only one PC/Laptop from that network, on some but not all, or on all of them?
(no need to test every one if you have lots, but if you only have say 10 on that network, try them all. If however, you have hundreds, try 10 to get a rough idea if it's all, some, or just the one).

It matters not how straight the gate,
How charged with punishments the scroll,
I am the master of my fate;
I am the captain of my soul.

***William Henley***


Report •

Related Solutions

#4
August 12, 2012 at 07:09:21
yes correct. to be exact..network A is built purposely to upgrade network B. But I can't totally demolish network B at this time as some customers are still attached in network B. Both are using the same NAT equipment.

- Are the two networks able to communicate with each other properly?
both are totally different cloud. private IPs assigned is different range..no bridge connection between them.
- Are the two networks able to surf to other identical websites without issue?
both are able to access other websites e.g: google, youtube, yahoo, facebook.
but when come to access the page from Singapore via network B, I get the error msg.
- In the case of the error, does it happen on only one PC/Laptop from that network, on some but not all, or on all of them?
I had conducted various testing using the same laptop and different laptop but the result is the same. I NAT to the different range for the particular IP during testing also failed.


Report •

#5
August 12, 2012 at 08:47:11
I'm just going to comment here that you seem to have a problem with the proper nomenclature. I'm going to guess English isn't your first language and that that is the likely cause of this issue.

I bring this up because originally you used "topology" incorrectly. Now you seem to be using "cloud" incorrectly as well

This makes understanding harder, but not impossible so I will try very hard to be patient with you if you'll be patient with me too. :)

Ok, I think I have this straight......If I say anything wrong, please quote it and correct it.

- Network A is going to replace network B completely and you have yet to move all users in B over to A

- Network A is an exact copy of Network B including NAT device

- You're getting the error on network B only.

- The error affects all clients on B but is only in regard to one single website located in Singapore.

My first thought is, move all users from B to A and kill B.

If for some reason that isn't possible then I would suggest going through all settings on your NAT devices that Both A and B connect directly to and compare.

My second thought is, if this website isn't integral to the work users do, I'd stop worrying about it since they seem to be able to connect to all other websites.

BTW, what equipment are you using to NAT both A and B, and then what device are they in turn connected to? Make and model please.

It matters not how straight the gate,
How charged with punishments the scroll,
I am the master of my fate;
I am the captain of my soul.

***William Henley***


Report •

Ask Question