Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




3342 posts

Uber Geek
+1 received by user: 1110

Subscriber

Topic # 89927 11-Sep-2011 17:07
Send private message

Hi everyone,
Having a bit of trouble establishing a connection with Astrill when in openVPN mode. Works fine in openWeb. I have contacted astril support, who are great, but i am too impatient to wait lol.
Here are the logs when trying the LA 1 server...TCP:
[9/11/2011 11:45:22] Detected local IP: 192.168.1.104
[9/11/2011 11:45:22] Detected default gateway: 192.168.1.1
[9/11/2011 11:45:23] OpenVPN 2.1.3 i686-pc-mingw32 [SSL] [LZO2] built on Oct 12 2010
[9/11/2011 11:45:23] Need hold release from management interface, waiting...
[9/11/2011 11:45:23] Flushing routing cache...
[9/11/2011 11:45:24] Terminated

UDP:
[9/11/2011 11:46:24] Detected local IP: 192.168.1.104
[9/11/2011 11:46:24] Detected default gateway: 192.168.1.1
[9/11/2011 11:46:25] OpenVPN 2.1.3 i686-pc-mingw32 [SSL] [LZO2] built on Oct 12 2010
[9/11/2011 11:46:25] Need hold release from management interface, waiting...
[9/11/2011 11:46:25] Flushing routing cache...
[9/11/2011 11:46:26] Terminated

any ideas?

Cheers,
Sam

Create new topic
13743 posts

Uber Geek
+1 received by user: 2388

Trusted
Subscriber

  Reply # 519792 12-Sep-2011 09:31
Send private message

Sometimes LA1 doesn't work, it's the default and probably just gets overloaded. Try Canada or one of the other servers with a * beside the name.




AWS Certified Solution Architect Professional, Sysop Administrator Associate, and Developer Associate
TOGAF certified enterprise architect
Professional photographer




3342 posts

Uber Geek
+1 received by user: 1110

Subscriber

  Reply # 519894 12-Sep-2011 12:35
Send private message

Tried heaps of different servers and no luck on any. Im thinking it is something on my end.

Im running a cisco router. Wondering if i need to add extra ports to the access lists? port 443 is allowed through though so im a bit puzzled as to why it didnt connect with tcp

 
 
 
 


Try Wrike: fast, easy, and efficient project collaboration software


3342 posts

Uber Geek
+1 received by user: 1110

Subscriber

  Reply # 519899 12-Sep-2011 12:39
Send private message

Just got an email back from support...
They have said it is probably the firewall on my computer. Well i have turned off windows firewall so it must be the cisco firewall..
Here is a part of the config:
no ip bootp server
ip inspect name firewall tcp
ip inspect name firewall udp
ip inspect name firewall cuseeme
ip inspect name firewall h323
ip inspect name firewall rcmd
ip inspect name firewall realaudio
ip inspect name firewall streamworks
ip inspect name firewall vdolive
ip inspect name firewall sqlnet
ip inspect name firewall tftp
ip inspect name firewall ftp
ip inspect name firewall sip
ip inspect name firewall fragment maximum 256 timeout 1
ip inspect name firewall netshow
ip inspect name firewall rtsp
ip inspect name firewall skinny
ip audit notify log
ip audit po max-events 100
ip audit name intrusion info action alarm
ip audit name intrusion attack action alarm drop reset

anything in there i need to remove? or add?

and here is my access list's...
access-list 1 remark The local LAN.
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 2 remark Where management can be done from.
access-list 2 permit 192.168.1.0 0.0.0.255
access-list 101 remark Traffic allowed to enter the router from the Internet
access-list 101 deny ip 0.0.0.0 0.255.255.255 any
access-list 101 deny ip 10.0.0.0 0.255.255.255 any
access-list 101 deny ip 127.0.0.0 0.255.255.255 any
access-list 101 deny ip 172.16.0.0 0.15.255.255 any
access-list 101 deny ip 192.0.2.0 0.0.0.255 any
access-list 101 deny ip 192.168.0.0 0.0.255.255 any
access-list 101 deny ip 198.18.0.0 0.1.255.255 any
access-list 101 deny ip 224.0.0.0 0.15.255.255 any
access-list 101 deny ip any host 255.255.255.255
access-list 101 permit tcp any any eq 1723
access-list 101 permit gre any any
access-list 101 deny icmp any any echo
access-list 101 deny ip any any log
access-list 101 permit icmp any any packet-too-big
access-list 101 deny tcp any any eq 22
access-list 101 deny tcp any any eq telnet
access-list 102 remark Traffic allowed to enter the router from the Ethernet
access-list 102 permit ip any host 192.168.1.1
access-list 102 deny ip any host 192.168.1.255
access-list 102 deny udp any any eq tftp log
access-list 102 deny ip any 0.0.0.0 0.255.255.255 log
access-list 102 deny ip any 10.0.0.0 0.255.255.255 log
access-list 102 deny ip any 127.0.0.0 0.255.255.255 log
access-list 102 deny ip any 172.16.0.0 0.15.255.255 log
access-list 102 deny ip any 192.0.2.0 0.0.0.255 log
access-list 102 deny ip any 192.168.0.0 0.0.255.255 log
access-list 102 deny ip any 198.18.0.0 0.1.255.255 log
access-list 102 deny udp any any eq 135 log
access-list 102 deny tcp any any eq 135 log
access-list 102 deny udp any any eq netbios-ns log
access-list 102 deny udp any any eq netbios-dgm log
access-list 102 deny tcp any any eq 445 log
access-list 102 permit ip 192.168.1.0 0.0.0.255 any
access-list 102 permit ip any host 255.255.255.255
access-list 102 deny ip any any log

will be doing some googling but would love to hear everyones comments.

13743 posts

Uber Geek
+1 received by user: 2388

Trusted
Subscriber

  Reply # 519900 12-Sep-2011 12:41
Send private message

Try turning off the firewall completely for a minute then connecting. If it works, enable the firewall and try to work out what ports it's using.




AWS Certified Solution Architect Professional, Sysop Administrator Associate, and Developer Associate
TOGAF certified enterprise architect
Professional photographer




3342 posts

Uber Geek
+1 received by user: 1110

Subscriber

  Reply # 520105 12-Sep-2011 18:34
Send private message

Turning off the firewall isnt that easy for me as I have to re-write the config. I know it uses 443 for tcp connection.

Someone must have used atrill with a cisco router. I cant be the first lol



3342 posts

Uber Geek
+1 received by user: 1110

Subscriber

  Reply # 520924 14-Sep-2011 12:57
Send private message

So trying to eliminate stuff...
Plugged in an old Netcom nb6 to replace the cisco router for now.
-No change-
Turned off firewall in wireless AP (I forgot that was still on. should be off anyways)
-No change-
Disable AVG
-No change-

WTF IS GOING ON!?!

Tearing my hair out on this one



3342 posts

Uber Geek
+1 received by user: 1110

Subscriber

  Reply # 520926 14-Sep-2011 13:01
Send private message

Have tried a TCP connection on ports 80, 443 & 8292.
Log keeps showing the same thing:
[9/14/2011 12:59:12] Detected local IP: 192.168.1.4
[9/14/2011 12:59:12] Detected default gateway: 192.168.1.1
[9/14/2011 12:59:13] OpenVPN 2.1.3 i686-pc-mingw32 [SSL] [LZO2] built on Oct 12 2010
[9/14/2011 12:59:13] Need hold release from management interface, waiting...
[9/14/2011 12:59:13] [Debug] Management Interface is disconnected
[9/14/2011 12:59:13] [Debug] MgmtProcess raised exception - Connection Closed Gracefully.
[9/14/2011 12:59:13] Flushing routing cache...
[9/14/2011 12:59:14] Terminated

Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Amazon launches the International Shopping Experience in the Amazon Shopping App
Posted 19-Apr-2018 08:38


Spark New Zealand and TVNZ to bring coverage of Rugby World Cup 2019
Posted 16-Apr-2018 06:55


How Google can seize Microsoft Office crown
Posted 14-Apr-2018 11:08


How back office transformation drives IRD efficiency
Posted 12-Apr-2018 21:15


iPod laws in a smartphone world: will we ever get copyright right?
Posted 12-Apr-2018 21:13


Lightbox service using big data and analytics to learn more about customers
Posted 9-Apr-2018 12:11


111 mobile caller location extended to iOS
Posted 6-Apr-2018 13:50


Huawei announces the HUAWEI P20 series
Posted 29-Mar-2018 11:41


Symantec Internet Security Threat Report shows increased endpoint technology risks
Posted 26-Mar-2018 18:29


Spark switches on long-range IoT network across New Zealand
Posted 26-Mar-2018 18:22


Stuff Pix enters streaming video market
Posted 21-Mar-2018 09:18


Windows no longer Microsoft’s main focus
Posted 13-Mar-2018 07:47


Why phone makers are obsessed with cameras
Posted 11-Mar-2018 12:25


New Zealand Adopts International Open Data Charter
Posted 3-Mar-2018 12:48


Shipments tumble as NZ phone upgrades slow
Posted 2-Mar-2018 11:48



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.