Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsLAN (ethernet/Wifi/routers/Bluetooth)Trouble with Astrill
chevrolux

4962 posts

Uber Geek
+1 received by user: 2638
Inactive user


#89927 11-Sep-2011 17:07
Send private message

Hi everyone,
Having a bit of trouble establishing a connection with Astrill when in openVPN mode. Works fine in openWeb. I have contacted astril support, who are great, but i am too impatient to wait lol.
Here are the logs when trying the LA 1 server...TCP:
[9/11/2011 11:45:22] Detected local IP: 192.168.1.104
[9/11/2011 11:45:22] Detected default gateway: 192.168.1.1
[9/11/2011 11:45:23] OpenVPN 2.1.3 i686-pc-mingw32 [SSL] [LZO2] built on Oct 12 2010
[9/11/2011 11:45:23] Need hold release from management interface, waiting...
[9/11/2011 11:45:23] Flushing routing cache...
[9/11/2011 11:45:24] Terminated

UDP:
[9/11/2011 11:46:24] Detected local IP: 192.168.1.104
[9/11/2011 11:46:24] Detected default gateway: 192.168.1.1
[9/11/2011 11:46:25] OpenVPN 2.1.3 i686-pc-mingw32 [SSL] [LZO2] built on Oct 12 2010
[9/11/2011 11:46:25] Need hold release from management interface, waiting...
[9/11/2011 11:46:25] Flushing routing cache...
[9/11/2011 11:46:26] Terminated

any ideas?

Cheers,
Sam

Create new topic
timmmay
20858 posts

Uber Geek
+1 received by user: 5349

Trusted
Lifetime subscriber

  #519792 12-Sep-2011 09:31
Send private message

Sometimes LA1 doesn't work, it's the default and probably just gets overloaded. Try Canada or one of the other servers with a * beside the name.



chevrolux

4962 posts

Uber Geek
+1 received by user: 2638
Inactive user


  #519894 12-Sep-2011 12:35
Send private message

Tried heaps of different servers and no luck on any. Im thinking it is something on my end.

Im running a cisco router. Wondering if i need to add extra ports to the access lists? port 443 is allowed through though so im a bit puzzled as to why it didnt connect with tcp

chevrolux

4962 posts

Uber Geek
+1 received by user: 2638
Inactive user


  #519899 12-Sep-2011 12:39
Send private message

Just got an email back from support...
They have said it is probably the firewall on my computer. Well i have turned off windows firewall so it must be the cisco firewall..
Here is a part of the config:
no ip bootp server
ip inspect name firewall tcp
ip inspect name firewall udp
ip inspect name firewall cuseeme
ip inspect name firewall h323
ip inspect name firewall rcmd
ip inspect name firewall realaudio
ip inspect name firewall streamworks
ip inspect name firewall vdolive
ip inspect name firewall sqlnet
ip inspect name firewall tftp
ip inspect name firewall ftp
ip inspect name firewall sip
ip inspect name firewall fragment maximum 256 timeout 1
ip inspect name firewall netshow
ip inspect name firewall rtsp
ip inspect name firewall skinny
ip audit notify log
ip audit po max-events 100
ip audit name intrusion info action alarm
ip audit name intrusion attack action alarm drop reset

anything in there i need to remove? or add?

and here is my access list's...
access-list 1 remark The local LAN.
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 2 remark Where management can be done from.
access-list 2 permit 192.168.1.0 0.0.0.255
access-list 101 remark Traffic allowed to enter the router from the Internet
access-list 101 deny ip 0.0.0.0 0.255.255.255 any
access-list 101 deny ip 10.0.0.0 0.255.255.255 any
access-list 101 deny ip 127.0.0.0 0.255.255.255 any
access-list 101 deny ip 172.16.0.0 0.15.255.255 any
access-list 101 deny ip 192.0.2.0 0.0.0.255 any
access-list 101 deny ip 192.168.0.0 0.0.255.255 any
access-list 101 deny ip 198.18.0.0 0.1.255.255 any
access-list 101 deny ip 224.0.0.0 0.15.255.255 any
access-list 101 deny ip any host 255.255.255.255
access-list 101 permit tcp any any eq 1723
access-list 101 permit gre any any
access-list 101 deny icmp any any echo
access-list 101 deny ip any any log
access-list 101 permit icmp any any packet-too-big
access-list 101 deny tcp any any eq 22
access-list 101 deny tcp any any eq telnet
access-list 102 remark Traffic allowed to enter the router from the Ethernet
access-list 102 permit ip any host 192.168.1.1
access-list 102 deny ip any host 192.168.1.255
access-list 102 deny udp any any eq tftp log
access-list 102 deny ip any 0.0.0.0 0.255.255.255 log
access-list 102 deny ip any 10.0.0.0 0.255.255.255 log
access-list 102 deny ip any 127.0.0.0 0.255.255.255 log
access-list 102 deny ip any 172.16.0.0 0.15.255.255 log
access-list 102 deny ip any 192.0.2.0 0.0.0.255 log
access-list 102 deny ip any 192.168.0.0 0.0.255.255 log
access-list 102 deny ip any 198.18.0.0 0.1.255.255 log
access-list 102 deny udp any any eq 135 log
access-list 102 deny tcp any any eq 135 log
access-list 102 deny udp any any eq netbios-ns log
access-list 102 deny udp any any eq netbios-dgm log
access-list 102 deny tcp any any eq 445 log
access-list 102 permit ip 192.168.1.0 0.0.0.255 any
access-list 102 permit ip any host 255.255.255.255
access-list 102 deny ip any any log

will be doing some googling but would love to hear everyones comments.



timmmay
20858 posts

Uber Geek
+1 received by user: 5349

Trusted
Lifetime subscriber

  #519900 12-Sep-2011 12:41
Send private message

Try turning off the firewall completely for a minute then connecting. If it works, enable the firewall and try to work out what ports it's using.

chevrolux

4962 posts

Uber Geek
+1 received by user: 2638
Inactive user


  #520105 12-Sep-2011 18:34
Send private message

Turning off the firewall isnt that easy for me as I have to re-write the config. I know it uses 443 for tcp connection.

Someone must have used atrill with a cisco router. I cant be the first lol

chevrolux

4962 posts

Uber Geek
+1 received by user: 2638
Inactive user


  #520924 14-Sep-2011 12:57
Send private message

So trying to eliminate stuff...
Plugged in an old Netcom nb6 to replace the cisco router for now.
-No change-
Turned off firewall in wireless AP (I forgot that was still on. should be off anyways)
-No change-
Disable AVG
-No change-

WTF IS GOING ON!?!

Tearing my hair out on this one

HP

 
 
 
 

Shop now for HP laptops and other devices (affiliate link).
chevrolux

4962 posts

Uber Geek
+1 received by user: 2638
Inactive user


  #520926 14-Sep-2011 13:01
Send private message

Have tried a TCP connection on ports 80, 443 & 8292.
Log keeps showing the same thing:
[9/14/2011 12:59:12] Detected local IP: 192.168.1.4
[9/14/2011 12:59:12] Detected default gateway: 192.168.1.1
[9/14/2011 12:59:13] OpenVPN 2.1.3 i686-pc-mingw32 [SSL] [LZO2] built on Oct 12 2010
[9/14/2011 12:59:13] Need hold release from management interface, waiting...
[9/14/2011 12:59:13] [Debug] Management Interface is disconnected
[9/14/2011 12:59:13] [Debug] MgmtProcess raised exception - Connection Closed Gracefully.
[9/14/2011 12:59:13] Flushing routing cache...
[9/14/2011 12:59:14] Terminated

Create new topic








Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.








RSS feeds
Main feed
Forums feed
Copyright
©2002-2026 Geekzone®
Site features
Geekzone BI dashboard
Geekzone Badges
Geekzone Status Page

 

Site Information
Subscribe to Geekzone
Privacy Statement
Forum Usage Guidelines (FUG)
Advertising
Trademark and copyright