Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsOne NZ (including Farmside)[TelstraClear] TelstraClear messing with SSL?
View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 
freitasm

BDFL - Memuneh
80652 posts

Uber Geek
+1 received by user: 41045

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #771661 28-Feb-2013 12:50
Send private message

Sure, but how come this only happens on a TelstraClear connection?




Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies 

 

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

 



Rubicon
29 posts

Geek


  #771686 28-Feb-2013 13:21
Send private message

If there are missing packets, it could be a routing or firewall issue. If the packets have been altered during transit, it could be due to misconfiguration in Telstra Clear's infamous 'transparent' proxy.

deadlyllama
1283 posts

Uber Geek
+1 received by user: 476

Trusted

  #771693 28-Feb-2013 13:38
Send private message

Rubicon: If there are missing packets, it could be a routing or firewall issue. If the packets have been altered during transit, it could be due to misconfiguration in Telstra Clear's infamous 'transparent' proxy.


TCL's proxy should only affect port 80 (not SSTP on 443) and only international traffic.

Is the SSTP server on an unmanaged dedicated server, or something Datacom is resposible?  If the latter, get them to look at it.



freitasm

BDFL - Memuneh
80652 posts

Uber Geek
+1 received by user: 41045

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #771703 28-Feb-2013 13:53
Send private message

It is one of my own servers. I am not too sure we should get Datacom involved at the moment as everything points out to something on TelstraClear perimeter causing this. As I said it works just fine when I connect from other networks.




Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies 

 

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

 

deadlyllama
1283 posts

Uber Geek
+1 received by user: 476

Trusted

  #771734 28-Feb-2013 14:32
Send private message

freitasm: It is one of my own servers. I am not too sure we should get Datacom involved at the moment as everything points out to something on TelstraClear perimeter causing this. As I said it works just fine when I connect from other networks.


You'll have more luck with Datacom talking to their upstream talking to TCL, then you talking to TCL customer care.  You're paying for a business-grade service at the Datacom end; use it.

muppet
2643 posts

Uber Geek
+1 received by user: 1660

Trusted

  #771744 28-Feb-2013 14:47
Send private message

freitasm: Sure, but how come this only happens on a TelstraClear connection?


Don't forget that the other end (your hosted server at datacom) might have a very different path travelling over different links on the return to your TCL connection.  There might be a box along the way with a misconfigured MTU, or something that's trying to be "clever" and have some sort of SSL manipulation going on.

Certainly think this is worthy of logging a fault with TCL at first, then also getting Datacom involved to check the return path towards you.

All those TCP re-transmits - make sure there's not an MTU issue somewhere.

 
 
 
 

Shop now for Lenovo laptops and other devices (affiliate link).
mercutio
1392 posts

Uber Geek
+1 received by user: 134


  #771746 28-Feb-2013 14:49
Send private message

have you tried bypassing your router?

deadlyllama
1283 posts

Uber Geek
+1 received by user: 476

Trusted

  #771755 28-Feb-2013 14:56
Send private message

muppet:
freitasm: Sure, but how come this only happens on a TelstraClear connection?


Don't forget that the other end (your hosted server at datacom) might have a very different path travelling over different links on the return to your TCL connection.  There might be a box along the way with a misconfigured MTU, or something that's trying to be "clever" and have some sort of SSL manipulation going on.

Certainly think this is worthy of logging a fault with TCL at first, then also getting Datacom involved to check the return path towards you.

All those TCP re-transmits - make sure there's not an MTU issue somewhere.


The "pings work, bring up something big and it fails" sounds like an MTU issue, but it'd be wierd if the packets from your hosted box to your home TCL cable connection went through any MTU<1500 links.

freitasm

BDFL - Memuneh
80652 posts

Uber Geek
+1 received by user: 41045

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #771757 28-Feb-2013 14:56
Send private message

mercutio: have you tried bypassing your router?


Already said yes, twice in this thread.




Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies 

 

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

 

freitasm

BDFL - Memuneh
80652 posts

Uber Geek
+1 received by user: 41045

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #771759 28-Feb-2013 14:57
Send private message

Muppet, yes, that could be the case.




Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies 

 

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

 

skewt
752 posts

Ultimate Geek
+1 received by user: 215


  #771801 28-Feb-2013 16:24
Send private message

If I have learnt anything from Geekzone its that a Master Filter will fix this problem

 
 
 
 

Want to support Geekzone and browse the site without the ads? Subscribe to Geekzone now (monthly, annual and lifetime options).
mercutio
1392 posts

Uber Geek
+1 received by user: 134


  #771803 28-Feb-2013 16:27
Send private message

skewt: If I have learnt anything from Geekzone its that a Master Filter will fix this problem


splitter, not filter.

freitasm

BDFL - Memuneh
80652 posts

Uber Geek
+1 received by user: 41045

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #777612 10-Mar-2013 12:51
Send private message

I think this is now solved. Two firewalls blocking stuff they shouldn't, on my side. Disabled one of them and things seem to work fine now.

Obviously shouldn't have both firewalls active, and I have no idea why it was configured like that but it seems all is working fine (at least for the last couple of days).




Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies 

 

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

 

freitasm

BDFL - Memuneh
80652 posts

Uber Geek
+1 received by user: 41045

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #777925 11-Mar-2013 12:33
Send private message

Hmm. Not so sure now. After a couple of days with no problems I had around five VPN disconnects this morning.




Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies 

 

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

 

1 | 2 
View this topic in a long page with up to 500 replies per page Create new topic








Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.








RSS feeds
Main feed
Forums feed
Copyright
©2002-2026 Geekzone®
Site features
Geekzone BI dashboard
Geekzone Badges
Geekzone Status Page

 

Site Information
Subscribe to Geekzone
Privacy Statement
Forum Usage Guidelines (FUG)
Advertising
Trademark and copyright