Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. conserver>
  3. users
conserver/firewall
dclarkjr at wowway
Feb 5, 2013, 6:09 PM
Post #1 of 4 (2299 views)
Permalink
On the local LAN the console/conserver are working fine. When I go
through the firewall I can see the packets landing on the server
(tcpdump) but the server sends a FIN before the connection happens. The
conserver log files are clean (don't see a connection at all) for the
external user (but I can see the connection via tcpdump. In my
conserver.cf I have a trusted 0.0.0.0/0 but is it possible that outside
connections are not being allowed? Just thought I would ask, before I go
down a path that someone else already went down.
The client can issue console -u and get the list of consoles. But when
doing console <name> the connection doesn't work. Client sees the
following error:
console: connect(): 60876@home.somedomain.com: Connection timed out

Ubuntu server - conserver.com version 8.1.18
Ubuntu client

Thanks for giving it a read.


_______________________________________________
users mailing list
users@conserver.com
https://www.conserver.com/mailman/listinfo/users
Re: conserver/firewall [ In reply to ]
jdwhite at menelos
Feb 5, 2013, 6:37 PM
Post #2 of 4 (2199 views)
Permalink
On Tuesday, February 5, 2013 at 8:09 PM, Donald Clark wrote:
> On the local LAN the console/conserver are working fine. When I go
> through the firewall I can see the packets landing on the server
> (tcpdump) but the server sends a FIN before the connection happens. The
> conserver log files are clean (don't see a connection at all) for the
> external user (but I can see the connection via tcpdump. In my
> conserver.cf I have a trusted 0.0.0.0/0 but is it possible that outside
> connections are not being allowed? Just thought I would ask, before I go
> down a path that someone else already went down.
> The client can issue console -u and get the list of consoles. But when
> doing console <name> the connection doesn't work. Client sees the
> following error:
> console: connect(): 60876@home.somedomain.com (mailto:60876@home.somedomain.com): Connection timed out
>
>


Sounds like the connections to the secondary port are being blocked by your firewall.
In addition to port 782, conserver clients will open a second connection to actually connect to the interactive console session. You need to open a series of ports to support these connections.
If you run tcpdump on the machine you're running the console client on you'll see your client open a second connection.

Check out the "secondaryport" directive in the console.cf man page.

-Jason

--
Jason White
Re: conserver/firewall [ In reply to ]
jdwhite at menelos
Feb 5, 2013, 6:44 PM
Post #3 of 4 (2196 views)
Permalink
On Tuesday, February 5, 2013 at 8:37 PM, Jason White wrote:
> Sounds like the connections to the secondary port are being blocked by your firewall.
> In addition to port 782, conserver clients will open a second connection to actually connect to the interactive console session. You need to open a series of ports to support these connections.
> If you run tcpdump on the machine you're running the console client on you'll see your client open a second connection.
>
> Check out the "secondaryport" directive in the console.cf man page.

Apologies, but that should be the conserver.cf man page.

-Jason

--
Jason White
Re: conserver/firewall [ In reply to ]
dclarkjr at wowway
Feb 23, 2013, 9:25 AM
Post #4 of 4 (2193 views)
Permalink
Sorry for the delayed response - that was my problem.
Thanks!

On 02/05/2013 09:44 PM, Jason White wrote:
> On Tuesday, February 5, 2013 at 8:37 PM, Jason White wrote:
>> Sounds like the connections to the secondary port are being blocked
>> by your firewall.
>> In addition to port 782, conserver clients will open a second
>> connection to actually connect to the interactive console session.
>> You need to open a series of ports to support these connections.
>> If you run tcpdump on the machine you're running the console client
>> on you'll see your client open a second connection.
>>
>> Check out the "secondaryport" directive in the console.cf man page.
>
> Apologies, but that should be the conserver.cf man page.
>
> -Jason
>
> --
> Jason White
>
>
> _______________________________________________
> users mailing list
> users@conserver.com
> https://www.conserver.com/mailman/listinfo/users

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal