Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




60 posts

Master Geek


# 80010 25-Mar-2011 16:11
Send private message

Hello,

I was wondering if someone can help me with a Sierra Wireless modem Q26 Extreme which has in-built ARM9 processor and incorporates the openssl library as part of it is API.

I have been talking to someone at Telecom but they have directed me to helpdesk to sort out the issue but with no avail as the person does not have any clue using TCP or UDP.

Sierra Wireless provides examples source code written in C for the TCP client and SSL client. To test the code for TCP, I written a C# TCP server and ran in my desktop PC. The modem I change the Telecom APN and connect to my server address and port. This works fine without any issues. Data is transmitted to the server correctly.

For the SSL setup, I use the openssl server in my desktop and the SSL client in the modem. This connects to the APN but fails when it tries to connect to the openssl server. The openssl output is "gethostbyname failure". I have retested the code and use Vodafone simcard and APN, this works fine without any issues. It connects and transmit data to the openssl server. I have tested the openssl server with a openssl client in a different machine and that connects without any issues.

Both openssl server and modem uses the same CA cert. The server and client certs are generated using the CA cert provided by the customer. The certs are tested in openssl to ensure the certificates are working correctly. Also tested in the Vodafone network works fine.

Regards
Paul

Create new topic
5579 posts

Uber Geek

Trusted
Lifetime subscriber

  # 451840 25-Mar-2011 17:26
Send private message

XT is 3G only, it does not support 2G GPRS technology




Chorus has spent $1.4 billion on making their xDSL broadband network faster and even more now as they are upgrading their rural Conklins. If your still stuck on ADSL or VDSL, why not spend $195 on a master filter install to make sure you are getting the most out of your connection?
I install - Naked DSL, DSL Master Splitters, VoIP, data cabling and general computer support for home and small business.
Rural Broadband RBI installer for Ultimate Broadband and Full Flavour

 

Need help in Auckland, Waikato or BoP? Click my email button, or email me direct: [my user name] at geekzonemail dot com


19282 posts

Uber Geek
Inactive user


  # 451848 25-Mar-2011 17:58
Send private message

coffeebaron: XT is 3G only, it does not support 2G GPRS technology


I was waiting for that reply but the OP means packet switch network either over 2G or 3G I guess

 
 
 
 


2904 posts

Uber Geek

Trusted
Lifetime subscriber

  # 451904 25-Mar-2011 21:52
Send private message

Which Vodafone APN are you testing with, and are you testing with direct.telecom.co.nz or internet.telecom.co.nz.  Also what sort of traffic does it create.  Have you tried using wireshark or some other lan tracing tool to see working traffic.




and 




60 posts

Master Geek


  # 452010 26-Mar-2011 12:00
Send private message

coffeebaron: XT is 3G only, it does not support 2G GPRS technology


I know XT is 3G. As indicated this modem can be used with 2G and 3G and I have tested with XT APN using TCP packets but it doesn't work with SSL.

Here is the modem.

http://www.sierrawireless.com/en/productsandservices/AirPrime/Wireless_Modules/Smart/Connectorized/Q26_Extreme.aspx 

My supplier has tested in Australia using the 3G network and connects to my SSL server without any issues. They also suggest it could be the XT network. I have also shared my desktop with the supplier (in case of any mistakes at my end) to verify that I am compiling the example code and loading into the device correctly, and he can't see any problems with my setup. I have also showed it to the supplier colleague based in NZ and he verify my setup. The only issue I can think of is the XT network is blocking my device from using SSL. TCP works fine without any issues.



60 posts

Master Geek


  # 452014 26-Mar-2011 12:03
Send private message

BarTender: Which Vodafone APN are you testing with, and are you testing with direct.telecom.co.nz or internet.telecom.co.nz.  Also what sort of traffic does it create.  Have you tried using wireshark or some other lan tracing tool to see working traffic.


I have tried both APNs and both gives the same error in openssl (gethostbyname). I have also tried to capture in wireshark but it doesn't seem show any SSL packets being captured. I can capture the hello messages between the client and server, authentication etc.. using the Vodafone APN.

2904 posts

Uber Geek

Trusted
Lifetime subscriber

  # 452045 26-Mar-2011 13:20
Send private message

pseudogeek2009:
BarTender: Which Vodafone APN are you testing with, and are you testing with direct.telecom.co.nz or internet.telecom.co.nz.  Also what sort of traffic does it create.  Have you tried using wireshark or some other lan tracing tool to see working traffic.


I have tried both APNs and both gives the same error in openssl (gethostbyname). I have also tried to capture in wireshark but it doesn't seem show any SSL packets being captured. I can capture the hello messages between the client and server, authentication etc.. using the Vodafone APN.


Is it connecting to the remote end on a strange port?  Tried using 443? I assume it's connecting over tcp?

I would assume you should have more success using the direct APN rather than internet.

a gethostbyname normally indicates that it can't do a local dns name lookup.  Have you specified the correct dns server (or are you getting it via dhcp).  What happens if you specify a manual DNS server?

Is there any way you can run tcpdump or similar on the embedded device side?





and 




60 posts

Master Geek


  # 452077 26-Mar-2011 15:08
Send private message

BarTender:
pseudogeek2009:
BarTender: Which Vodafone APN are you testing with, and are you testing with direct.telecom.co.nz or internet.telecom.co.nz.  Also what sort of traffic does it create.  Have you tried using wireshark or some other lan tracing tool to see working traffic.


I have tried both APNs and both gives the same error in openssl (gethostbyname). I have also tried to capture in wireshark but it doesn't seem show any SSL packets being captured. I can capture the hello messages between the client and server, authentication etc.. using the Vodafone APN.


Is it connecting to the remote end on a strange port?  Tried using 443? I assume it's connecting over tcp?

I would assume you should have more success using the direct APN rather than internet.

a gethostbyname normally indicates that it can't do a local dns name lookup.  Have you specified the correct dns server (or are you getting it via dhcp).  What happens if you specify a manual DNS server?

Is there any way you can run tcpdump or similar on the embedded device side?



In openssl you can set which port to use my typing the following command:

openssl s_server -accept 6502 -cert server-cert.pem -key server-key.pem -CAfile ca-cert.pem -www

openssl s_client -connect 192.168.1.92:6502 -cert client-cert.pem -key client-key.pem -CAfile ca-cert.pem

Both server and client are running at separate PC.

I imagine XT should handle the hostname side. The modem only requires the APN and the server it connects to, which is my company IP address and port number. There is no way of setting the DNS server in the modem. Would you have to setup the DNS when connecting to the internet via GPRS in a Iphone or android. In my mobile phone, you just need an APN and as described in the vodafone forum (http://forum.vodafone.co.nz/topic/6060-android-apn-mobile-network-settings/). This is essentially how the modem works, you just need an APN to connect to the internet via GPRS. From one of the XT forum topics for setting up Android device to work on the XT network, it only requires an APN. No setup for DNS.

The problem is why does it work with Vodafone APN not the XT APN when using SSL. The other thing is why does it work with TCP using the XT APN not SSL. 

In the TCP setup, I ran a TCP server in my desktop using port 6502. In the modem, the software is configured to connect the XT APN and connect to the company IP address at port 6502. The company router is setup to port forward to my PC. When I ran my application, it connects to the server and send the data correctly. This has work without any issues. There are no setup require for DNS.
The modem SSL library is based on openssl. I have change the sim card to use the Vodafone sim card. Software was changed to use the Vodafone APN and when I ran the application, it works without any issues when connecting to the openssl server so it isn't the modem SSL library or the DNS or port 443.



 

 
 
 
 


2904 posts

Uber Geek

Trusted
Lifetime subscriber

  # 452214 26-Mar-2011 22:06
Send private message

pseudogeek2009: I imagine XT should handle the hostname side. The modem only requires the APN and the server it connects to, which is my company IP address and port number. There is no way of setting the DNS server in the modem. Would you have to setup the DNS when connecting to the internet via GPRS in a Iphone or android. In my mobile phone, you just need an APN and as described in the vodafone forum (http://forum.vodafone.co.nz/topic/6060-android-apn-mobile-network-settings/). This is essentially how the modem works, you just need an APN to connect to the internet via GPRS. From one of the XT forum topics for setting up Android device to work on the XT network, it only requires an APN. No setup for DNS.


I assume you are running this all on an embedded Linux system?  So in theory you could run tcpdump across the IP stack to see what is happening ok with Vodafone but isn't with XT.

To me a gethostbyname is a local lookup of the connecting and probably trying to do a reverse dns lookup.

I would if you could try hard-coding the dns server to the xtra one 202.27.158.40.

Plus I would really like to see the results of a tcpdump when running the two different sim's.

If you're based in Wellington there may be more that I can do too.  PM me if you are and we could talk further.




and 




60 posts

Master Geek


  # 452237 26-Mar-2011 23:16
Send private message

BarTender:
pseudogeek2009: I imagine XT should handle the hostname side. The modem only requires the APN and the server it connects to, which is my company IP address and port number. There is no way of setting the DNS server in the modem. Would you have to setup the DNS when connecting to the internet via GPRS in a Iphone or android. In my mobile phone, you just need an APN and as described in the vodafone forum (http://forum.vodafone.co.nz/topic/6060-android-apn-mobile-network-settings/). This is essentially how the modem works, you just need an APN to connect to the internet via GPRS. From one of the XT forum topics for setting up Android device to work on the XT network, it only requires an APN. No setup for DNS.


I assume you are running this all on an embedded Linux system?  So in theory you could run tcpdump across the IP stack to see what is happening ok with Vodafone but isn't with XT.

To me a gethostbyname is a local lookup of the connecting and probably trying to do a reverse dns lookup.

I would if you could try hard-coding the dns server to the xtra one 202.27.158.40.

Plus I would really like to see the results of a tcpdump when running the two different sim's.

If you're based in Wellington there may be more that I can do too.  PM me if you are and we could talk further.


The sierra wireless device uses their platform called OpenAT. It does not use an embedded linux platform like the Telit part. Also the reason for choosing this part as the device supposedly more reliable based on a another customer's experience with both the Telit and Sierra Wireless device.

Sorry, I am based in Auckland.

463 posts

Ultimate Geek


  # 452302 27-Mar-2011 10:28
Send private message

So if I understand correctly you are connecting to the IP address (not a dns record) for your companies server?

In this case a gethostbyname error makes no sense, as there should be no calls to do name resolution.  This points to perhaps a parsing error, but then you should have got the same result when using a voda SIM.

Is there anyway to increase the debugging level on the device?  It would be nice to know what hostname openssl thinks it needs to resolve. 



60 posts

Master Geek


  # 452376 27-Mar-2011 13:21
Send private message

hashbrown: So if I understand correctly you are connecting to the IP address (not a dns record) for your companies server?

In this case a gethostbyname error makes no sense, as there should be no calls to do name resolution.  This points to perhaps a parsing error, but then you should have got the same result when using a voda SIM.

Is there anyway to increase the debugging level on the device?  It would be nice to know what hostname openssl thinks it needs to resolve. 


That is correct I am connecting to an IP address and a port number. The port is port forward to my PC by changing the settings in the router. The problems is I don't get the same problem with Vodafone sim even when I use the Q2687 (2G version). The other confusing issues is the TCP works fine using the 3G modem.

When I get back to work tomorrow I can modify the code to allow more debugging features. 

2904 posts

Uber Geek

Trusted
Lifetime subscriber

  # 452382 27-Mar-2011 13:31
Send private message

I agree with hashbrown i am wondering what could be different. If you could pm me some links where to find the code. I assume that the code works fine on a box over the xt connection so it shouldn't be a firewall issue on the telecom side.

I also wonder why the code does a gethostbyname since it should all just be ip to ip traffic.

The only thing i also could think of was a missing reverse dns entry for the ip. or the client does a ping of the dns service and its blocking icmp but not dns Is there a local hosts you could try adding the assigned ip into?




and 




60 posts

Master Geek


  # 584447 21-Feb-2012 12:11
Send private message

Just want to note, it was resolved at the Telecom side. The device or sample code was not at fault. 

Create new topic



Switch your broadband provider now - compare prices


Twitter and LinkedIn »



Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Intel introduces cryogenic control chip to enable quantum computers
Posted 10-Dec-2019 21:32


Vodafone 5G service live in four cities
Posted 10-Dec-2019 08:30


Samsung Galaxy Fold now available in New Zealand
Posted 6-Dec-2019 00:01


NZ company oDocs awarded US$ 100,000 Dubai World Expo grant
Posted 5-Dec-2019 16:00


New Zealand Rugby Selects AWS-Powered Analytics for Deeper Game Insights
Posted 5-Dec-2019 11:33


IMAGR and Farro bring checkout-less supermarket shopping to New Zealand
Posted 5-Dec-2019 09:07


Wellington Airport becomes first 5G connected airport in the country
Posted 3-Dec-2019 08:42


MetService secures Al Jazeera as a new weather client
Posted 28-Nov-2019 09:40


NZ a top 10 connected nation with stage one of ultra-fast broadband roll-out completed
Posted 24-Nov-2019 14:15


Microsoft Translator understands te reo Māori
Posted 22-Nov-2019 08:46


Chorus to launch Hyperfibre service
Posted 18-Nov-2019 15:00


Microsoft launches first Experience Center worldwide for Asia Pacific in Singapore
Posted 13-Nov-2019 13:08


Disney+ comes to LG Smart TVs
Posted 13-Nov-2019 12:55


Spark launches new wireless broadband "Unplan Metro"
Posted 11-Nov-2019 08:19


Malwarebytes overhauls flagship product with new UI, faster engine and lighter footprint
Posted 6-Nov-2019 11:48



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.