Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


chevrolux

4594 posts

Uber Geek

Trusted

#89927 11-Sep-2011 17:07
Send private message

Hi everyone,
Having a bit of trouble establishing a connection with Astrill when in openVPN mode. Works fine in openWeb. I have contacted astril support, who are great, but i am too impatient to wait lol.
Here are the logs when trying the LA 1 server...TCP:
[9/11/2011 11:45:22] Detected local IP: 192.168.1.104
[9/11/2011 11:45:22] Detected default gateway: 192.168.1.1
[9/11/2011 11:45:23] OpenVPN 2.1.3 i686-pc-mingw32 [SSL] [LZO2] built on Oct 12 2010
[9/11/2011 11:45:23] Need hold release from management interface, waiting...
[9/11/2011 11:45:23] Flushing routing cache...
[9/11/2011 11:45:24] Terminated

UDP:
[9/11/2011 11:46:24] Detected local IP: 192.168.1.104
[9/11/2011 11:46:24] Detected default gateway: 192.168.1.1
[9/11/2011 11:46:25] OpenVPN 2.1.3 i686-pc-mingw32 [SSL] [LZO2] built on Oct 12 2010
[9/11/2011 11:46:25] Need hold release from management interface, waiting...
[9/11/2011 11:46:25] Flushing routing cache...
[9/11/2011 11:46:26] Terminated

any ideas?

Cheers,
Sam

Create new topic
timmmay
16413 posts

Uber Geek

Trusted
Subscriber

  #519792 12-Sep-2011 09:31
Send private message

Sometimes LA1 doesn't work, it's the default and probably just gets overloaded. Try Canada or one of the other servers with a * beside the name.

chevrolux

4594 posts

Uber Geek

Trusted

  #519894 12-Sep-2011 12:35
Send private message

Tried heaps of different servers and no luck on any. Im thinking it is something on my end.

Im running a cisco router. Wondering if i need to add extra ports to the access lists? port 443 is allowed through though so im a bit puzzled as to why it didnt connect with tcp

 
 
 
 


chevrolux

4594 posts

Uber Geek

Trusted

  #519899 12-Sep-2011 12:39
Send private message

Just got an email back from support...
They have said it is probably the firewall on my computer. Well i have turned off windows firewall so it must be the cisco firewall..
Here is a part of the config:
no ip bootp server
ip inspect name firewall tcp
ip inspect name firewall udp
ip inspect name firewall cuseeme
ip inspect name firewall h323
ip inspect name firewall rcmd
ip inspect name firewall realaudio
ip inspect name firewall streamworks
ip inspect name firewall vdolive
ip inspect name firewall sqlnet
ip inspect name firewall tftp
ip inspect name firewall ftp
ip inspect name firewall sip
ip inspect name firewall fragment maximum 256 timeout 1
ip inspect name firewall netshow
ip inspect name firewall rtsp
ip inspect name firewall skinny
ip audit notify log
ip audit po max-events 100
ip audit name intrusion info action alarm
ip audit name intrusion attack action alarm drop reset

anything in there i need to remove? or add?

and here is my access list's...
access-list 1 remark The local LAN.
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 2 remark Where management can be done from.
access-list 2 permit 192.168.1.0 0.0.0.255
access-list 101 remark Traffic allowed to enter the router from the Internet
access-list 101 deny ip 0.0.0.0 0.255.255.255 any
access-list 101 deny ip 10.0.0.0 0.255.255.255 any
access-list 101 deny ip 127.0.0.0 0.255.255.255 any
access-list 101 deny ip 172.16.0.0 0.15.255.255 any
access-list 101 deny ip 192.0.2.0 0.0.0.255 any
access-list 101 deny ip 192.168.0.0 0.0.255.255 any
access-list 101 deny ip 198.18.0.0 0.1.255.255 any
access-list 101 deny ip 224.0.0.0 0.15.255.255 any
access-list 101 deny ip any host 255.255.255.255
access-list 101 permit tcp any any eq 1723
access-list 101 permit gre any any
access-list 101 deny icmp any any echo
access-list 101 deny ip any any log
access-list 101 permit icmp any any packet-too-big
access-list 101 deny tcp any any eq 22
access-list 101 deny tcp any any eq telnet
access-list 102 remark Traffic allowed to enter the router from the Ethernet
access-list 102 permit ip any host 192.168.1.1
access-list 102 deny ip any host 192.168.1.255
access-list 102 deny udp any any eq tftp log
access-list 102 deny ip any 0.0.0.0 0.255.255.255 log
access-list 102 deny ip any 10.0.0.0 0.255.255.255 log
access-list 102 deny ip any 127.0.0.0 0.255.255.255 log
access-list 102 deny ip any 172.16.0.0 0.15.255.255 log
access-list 102 deny ip any 192.0.2.0 0.0.0.255 log
access-list 102 deny ip any 192.168.0.0 0.0.255.255 log
access-list 102 deny ip any 198.18.0.0 0.1.255.255 log
access-list 102 deny udp any any eq 135 log
access-list 102 deny tcp any any eq 135 log
access-list 102 deny udp any any eq netbios-ns log
access-list 102 deny udp any any eq netbios-dgm log
access-list 102 deny tcp any any eq 445 log
access-list 102 permit ip 192.168.1.0 0.0.0.255 any
access-list 102 permit ip any host 255.255.255.255
access-list 102 deny ip any any log

will be doing some googling but would love to hear everyones comments.

timmmay
16413 posts

Uber Geek

Trusted
Subscriber

  #519900 12-Sep-2011 12:41
Send private message

Try turning off the firewall completely for a minute then connecting. If it works, enable the firewall and try to work out what ports it's using.

chevrolux

4594 posts

Uber Geek

Trusted

  #520105 12-Sep-2011 18:34
Send private message

Turning off the firewall isnt that easy for me as I have to re-write the config. I know it uses 443 for tcp connection.

Someone must have used atrill with a cisco router. I cant be the first lol

chevrolux

4594 posts

Uber Geek

Trusted

  #520924 14-Sep-2011 12:57
Send private message

So trying to eliminate stuff...
Plugged in an old Netcom nb6 to replace the cisco router for now.
-No change-
Turned off firewall in wireless AP (I forgot that was still on. should be off anyways)
-No change-
Disable AVG
-No change-

WTF IS GOING ON!?!

Tearing my hair out on this one

chevrolux

4594 posts

Uber Geek

Trusted

  #520926 14-Sep-2011 13:01
Send private message

Have tried a TCP connection on ports 80, 443 & 8292.
Log keeps showing the same thing:
[9/14/2011 12:59:12] Detected local IP: 192.168.1.4
[9/14/2011 12:59:12] Detected default gateway: 192.168.1.1
[9/14/2011 12:59:13] OpenVPN 2.1.3 i686-pc-mingw32 [SSL] [LZO2] built on Oct 12 2010
[9/14/2011 12:59:13] Need hold release from management interface, waiting...
[9/14/2011 12:59:13] [Debug] Management Interface is disconnected
[9/14/2011 12:59:13] [Debug] MgmtProcess raised exception - Connection Closed Gracefully.
[9/14/2011 12:59:13] Flushing routing cache...
[9/14/2011 12:59:14] Terminated

Create new topic




News »

Amazon introduces new Echo devices
Posted 25-Sep-2020 11:56


Mad Catz introduces new S.T.R.I.K.E. 13 Mechanical Gaming Keyboard
Posted 25-Sep-2020 11:34


Vodafone NZ upgrades international submarine network
Posted 25-Sep-2020 09:09


Jabra announces wireless noise-cancelling airbuds, upgrade existing model
Posted 24-Sep-2020 14:43


Nokia 3.4 to be available in New Zealand
Posted 24-Sep-2020 14:34


HP announces new HP ENVY laptops aimed at content creators
Posted 24-Sep-2020 14:02


Logitech introduce MX Anywhere 3
Posted 21-Sep-2020 21:17


Countdown unveils contactless shopping with new Scan&Go tech
Posted 21-Sep-2020 09:48


HP unveils new innovations for businesses adapting to rapidly evolving workstyles and workforces
Posted 17-Sep-2020 15:36


GoPro launches new HERO9 Black camera
Posted 17-Sep-2020 09:45


Telecommunications industry launches new 5G Facts website
Posted 17-Sep-2020 07:56


New Zealand ranks 3rd in world in GSMA index
Posted 15-Sep-2020 10:13


Trend Micro Security Suite adds web monitoring to prevent identity theft
Posted 14-Sep-2020 15:37


NVIDIA to acquire Arm for US$ 40 billion
Posted 14-Sep-2020 12:27


Epson launches its next gen A3+ colour EcoTank multi-function printer
Posted 10-Sep-2020 16:08



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.