the connection doesn't work. Client sees the > following error: > console: connect(): 60876@home.somedomain.com (mailto:60876@home.somedomain.com): Connection timed out > > Sounds like the connections to the secondary port are being blocked by your firewall. In addition to port 782, conserver clients will open a second connection to actually connect to the interactive console session. You need to open a series of ports to support these connections. If you run tcpdump on the machine you're running the console client on you'll see your client open a second connection. Check out the "secondaryport" directive in the console.cf man page. -Jason -- Jason White --5111c1f2_555c55b5_416c Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline

On T= uesday, =46ebruary 5, 2013 at 8:09 PM, Donald Clark wrote:

On the local LAN the console/con= server are working fine. When I go
through the firewall I can = see the packets landing on the server
(tcpdump) but the server= sends a =46IN before the connection happens. The
conserver lo= g files are clean (don't see a connection at all) for the
exte= rnal user (but I can see the connection via tcpdump. In my
con= server.cf I have a trusted 0.0.0.0/0 but is it possible that outside
connections are not being allowed=3F Just thought I would ask, bef= ore I go
down a path that someone else already went down.
The client can issue console -u and get the list of consoles. But w= hen
doing console <name> the connection doesn't work. Cl= ient sees the
following error:
console: connect(): <= a href=3D=22mailto:60876=40home.somedomain.com=22>60876=40home.somedomain= .com: Connection timed out

Sounds like the connections to the secondary port are bein= g blocked by your firewall.

In addition to port 782, conserver = clients will open a second connection to actually connect to the int= eractive console session. You need to open a series of ports to sup= port these connections.

If you run tcpdump on the machine you'r= e running the console client on you'll see your client open a second conn= ection.

Check out the =22secondaryport=22 direct= ive in the console.cf man page.

-Jason

Jason White

<= /div> --5111c1f2_555c55b5_416c-- From jdwhite@menelos.com Wed Feb 6 02:44:56 2013 Received: from mail-ia0-f178.google.com (mail-ia0-f178.google.com [209.85.210.178]) by underdog.stansell.org (8.14.5/8.14.5) with ESMTP id r162inHI014701 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=OK) for ; Wed, 6 Feb 2013 02:44:56 GMT Received: by mail-ia0-f178.google.com with SMTP id y26so969437iab.23 for ; Tue, 05 Feb 2013 18:44:49 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=x-received:date:from:to:message-id:in-reply-to:references:subject :x-mailer:mime-version:content-type:x-gm-message-state; bh=o6ALOnvHeapyCa5ONgSeH26bizbZQ9ExF6/Kqvnghxw=; b=GyUyVOQZE0ecLAz/lBaAWSkuygR0t1pxlskWb27XUVyHSacjf5HycjtBC341p8iLah AnejqkcTvPX2DVe/n9Xv/QhIScIxsqh3vN3LlKXh3AKI/X81pEd67EwItPC1nAYDmmko vpLFkysxbf1UwPOsQ0goX8qpwPT172x25ROcGTL9drpXjWD62oTJWChb61TtuY+5nqke LcrnJQwp0gPB01YTLdnUr9RdESvn9jUlu5iE1dke5dpwjtMuCPzaJBU3PV5B20TSaXXx 0p3E4Tw3kZVwW7sWe4GeB9VfEJn6pULZcc3oAnpCkB/NguNyP2yRVkGg/B5H3l+SQwEC UFaA== X-Received: by 10.50.1.201 with SMTP id 9mr2582957igo.80.1360118689522; Tue, 05 Feb 2013 18:44:49 -0800 (PST) Received: from [192.168.69.11] (173-22-47-75.client.mchsi.com. [173.22.47.75]) by mx.google.com with ESMTPS id rd10sm914044igb.1.2013.02.05.18.44.48 (version=TLSv1 cipher=RC4-SHA bits=128/128); Tue, 05 Feb 2013 18:44:48 -0800 (PST) Date: Tue, 5 Feb 2013 20:44:46 -0600 From: Jason White To: users@conserver.com Message-ID: <7DA943DB8D62410BABE3AFC6E19715F2@menelos.com> In-Reply-To: <11F46F605EA24495A4E67636686797C1@menelos.com> References: <5111BB6A.6040207@wowway.com> <11F46F605EA24495A4E67636686797C1@menelos.com> Subject: Re: conserver/firewall X-Mailer: sparrow 1.6.4 (build 1178) MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="5111c39e_1fbfe8e0_416c" X-Gm-Message-State: ALoCoQktP8cORWbBt8UiIQz9typS7kv9ilgSam43mmexBdqd0lsIQo7MmCTIBtfsTsPstRhRAKcl X-Spam-Score: -1.499 () BAYES_00,HTML_MESSAGE X-Scanned-By: MIMEDefang 2.72 on 198.151.248.21 X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.12 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Feb 2013 02:44:56 -0000 --5111c39e_1fbfe8e0_416c Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Content-Disposition: inline On Tuesday, February 5, 2013 at 8:37 PM, Jason White wrote: > Sounds like the connections to the secondary port are being blocked by your firewall. > In addition to port 782, conserver clients will open a second connection to actually connect to the interactive console session. You need to open a series of ports to support these connections. > If you run tcpdump on the machine you're running the console client on you'll see your client open a second connection. > > Check out the "secondaryport" directive in the console.cf man page. Apologies, but that should be the conserver.cf man page. -Jason -- Jason White --5111c39e_1fbfe8e0_416c Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline

On T= uesday, =46ebruary 5, 2013 at 8:37 PM, Jason White wrote:

Sounds like the connections to the secondary port ar= e being blocked by your firewall.

In addition to port 782, cons= erver clients will open a second connection to actually connect to t= he interactive console session. You need to open a series of ports = to support these connections.

If you run tcpdump on the machine= you're running the console client on you'll see your client open a secon= d connection.

Check out the =22secondaryport=22 = directive in the console.cf man page.

<= /div>

Apologies, but that should be the conserver.cf man page.

<= div>

-Jason

Jason White

--5111c39e_1fbfe8e0_416c-- From dclarkjr@wowway.com Sat Feb 23 17:25:37 2013 Received: from smtp.mail.wowway.com (smtp.wow.synacor.com [64.8.70.55]) by underdog.stansell.org (8.14.5/8.14.5) with ESMTP id r1NHPULE001980 for ; Sat, 23 Feb 2013 17:25:36 GMT X-Spam-Rating: None X_CMAE_Category: 0,0 Undefined,Undefined X-CNFS-Analysis: v=1.1 cv=eHDUNF5pF0NQ4iSTRpewCbgOS4pabVQL6lthJ8Em464= c=1 sm=0 a=D6wcrpBcUpcA:10 a=AhRLOILGsKkA:10 a=kNWuxzsoAAAA:8 a=mmyi9Uye-LCOvIhMjK0A:9 a=wPNLvfGTeEIA:10 a=bOSjLABcXY8A:10 a=S7zNcXjJAAAA:8 a=v9EAXHfWGb6kC9jFoiAA:9 a=_W_S_7VecoQA:10 a=4VWNYqfs7KkA:10 a=SExh0q_LZU2Ovu8k:21 a=lO/xEZGEGR8lt9ApSyDAMQ==:117 X-CM-Score: 0 X-Scanned-By: MIMEDefang 2.72 on 198.151.248.21 X-Scanned-by: Cloudmark Authority Engine Authentication-Results: smtp02.wow.synacor.com smtp.mail=dclarkjr@wowway.com; spf=neutral Authentication-Results: smtp02.wow.synacor.com smtp.user=dclarkjr@wowway.com; auth=pass (LOGIN) Received-SPF: neutral (smtp02.wow.synacor.com: 69.47.160.20 is neither permitted nor denied by domain of wowway.com) Received: from [69.47.160.20] ([69.47.160.20:1962] helo=[172.16.1.131]) by smtp.mail.wowway.com (envelope-from ) (ecelerity 2.2.2.40 r(29895/29896)) with ESMTPA id 5A/39-23754-A8BF8215; Sat, 23 Feb 2013 12:25:30 -0500 Message-ID: <5128FB8A.5000201@wowway.com> Date: Sat, 23 Feb 2013 12:25:30 -0500 From: Donald Clark User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130106 Thunderbird/17.0.2 MIME-Version: 1.0 To: Jason White Subject: Re: conserver/firewall References: <5111BB6A.6040207@wowway.com> <11F46F605EA24495A4E67636686797C1@menelos.com> <7DA943DB8D62410BABE3AFC6E19715F2@menelos.com> In-Reply-To: <7DA943DB8D62410BABE3AFC6E19715F2@menelos.com> Content-Type: multipart/alternative; boundary="------------020803000102070807050505" X-Spam-Score: -1.499 () BAYES_00,HTML_MESSAGE Cc: users@conserver.com X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.12 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 23 Feb 2013 17:25:38 -0000 This is a multi-part message in MIME format. --------------020803000102070807050505 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Sorry for the delayed response - that was my problem. Thanks! On 02/05/2013 09:44 PM, Jason White wrote: > On Tuesday, February 5, 2013 at 8:37 PM, Jason White wrote: >> Sounds like the connections to the secondary port are being blocked >> by your firewall. >> In addition to port 782, conserver clients will open a second >> connection to actually connect to the interactive console session. >> You need to open a series of ports to support these connections. >> If you run tcpdump on the machine you're running the console client >> on you'll see your client open a second connection. >> >> Check out the "secondaryport" directive in the console.cf man page. > > Apologies, but that should be the conserver.cf man page. > > -Jason > > -- > Jason White > > > _______________________________________________ > users mailing list > users@conserver.com > https://www.conserver.com/mailman/listinfo/users --------------020803000102070807050505 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit

Sorry for the delayed response - that was my problem.
Thanks!

On 02/05/2013 09:44 PM, Jason White wrote:

On Tuesday, February 5, 2013 at 8:37 PM, Jason White wrote:

Sounds like the connections to the secondary port are being blocked by your firewall.

In addition to port 782, conserver clients will open a second connection to actually connect to the interactive console session. You need to open a series of ports to support these connections.

If you run tcpdump on the machine you're running the console client on you'll see your client open a second connection.

Check out the "secondaryport" directive in the console.cf man page.

Apologies, but that should be the conserver.cf man page.

-Jason

--

Jason White
_______________________________________________
users mailing list
users@conserver.com
https://www.conserver.com/mailman/listinfo/users

--------------020803000102070807050505--