This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Unable to access astaro web-pages after upgrading v7.405 to 7.5

Perhaps i missed a post about the following, appologies for this but on the version 7.5 i am unable to access the https://:4444 and the user portal at https://

When i checked the Contentfilter Log files i see the following message.
2009:09:25-19:50:21 asg httpproxy[4080]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="CONNECT" srcip=1" user="***x" statuscode="502" cached="0" profile="REF_YHbLftoyIP (ProxyProf1)" filteraction="REF_yjZYqDJeSe (UnrestrictedWeb)" size="2145" time="64398 ms" request="0xb2200a68" url="proxy-ip/" exceptions="" error=""

The profile UnrestrictedWeb has no filter on it, all categories are alllowed.
How can i see why it is blocked ?

When checking the packet-filter log file i found the following:
20:13:06 WebAdmin connection attempt TCP
Proxy-LanIP : 49769
→
Proxy-LanIP : 443

[SYN] len=60 ttl=64 tos=0x00 srcmac=00:00:00:00:00:00 dstmac=00:00:00:00:00:00

The ProxyLanIP is in the allowed network to browse securely.

This happens only when the browser has the proxy config.

regards

This thread was automatically locked due to age.

Parents

0 wingman over 16 years ago

have you tried restarting the http proxy?
Cancel
Vote Up 0 Vote Down

Cancel
0 madifor over 16 years ago in reply to wingman

After the upgrade the machine have been restarted just to clear all.
For some reason it didn't fix the issue.
Is this still an open bug or just an isolated 'upgrade path' issue which should be fixed by a clean install from the 7.5 iso and restore of the configuration ?
Cancel
Vote Up 0 Vote Down

Cancel
0 RFCat_vk_01 over 16 years ago in reply to madifor

Hi,
during beta testing the IPS never detected things at times, but disabling it allowed a problem similar to yours to be overcome.
IPS stopped downloads, interrupted audio streaming, but never registered a hit.

Ian M
Cancel
Vote Up 0 Vote Down

Cancel
0 marub over 16 years ago in reply to RFCat_vk_01

have you tried it with IE or with Firefox.

I have the same problem, it's not possible to login with IE7, with Firefox is all OK

Marcus
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 marub over 16 years ago in reply to RFCat_vk_01

have you tried it with IE or with Firefox.

I have the same problem, it's not possible to login with IE7, with Firefox is all OK

Marcus
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 madifor over 16 years ago in reply to marub

I disabled the Intrution Prevention, but that didn't fix the problem for me.
When i configure the proxy settings under IE or Firefox, i am not able to access the astaro web-pages.
So basicly it is browser independent.

As mentioned before the dropped packets are recorded in the PackterFilter log file.
2009:10:06-20:28:48 asg ulogd[3158]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60005" seq="0" initf="unknown" outitf="lo" dstmac="00:00:00:00:00:00" srcmac="00:00:00:00:00:00" srcip="192.168.10.248" dstip="192.168.10.248" proto="6" length="60" tos="0x00" prec="0x00" ttl="64" srcport="49134" dstport="4444" tcpflags="SYN"

I also created a Firewall rule (first rule) to allow traffic coming from it's own network interface to it's own network interface destiantion-port 4444. This rule doesn't prevent to get the dropped packets as shown above.

regards
Cancel
Vote Up 0 Vote Down

Cancel