Ticket ID: SIXXS #10567350 Ticket Status: Remote Problem PoP: chzrh02 - Init7 AG (Zurich)
aiccu tls error via swisscom gprs usb modem
Shadow Hawkins on Tuesday, 26 November 2013 10:38:51
Hi,
aiccu works fine via our own office network. However when I try via our Swisscom Internet USB dongle, aiccu fails to start:
# tail -f /var/log/syslog &
# aiccu test
Nov 26 10:29:24 cerberus aiccu[3307]: sock_getline() : "200 SixXS TIC Service on nlhaa01.sixxs.net ready (http://www.sixxs.net)"
Nov 26 10:29:24 cerberus aiccu[3307]: sock_printf() : "client TIC/draft-00 AICCU/2007.01.15-console-linux Linux/3.2.0-4-486"
Nov 26 10:29:25 cerberus aiccu[3307]: sock_getline() : "200 Client Identity accepted"
Nov 26 10:29:25 cerberus aiccu[3307]: sock_printf() : "get unixtime"
Nov 26 10:29:25 cerberus aiccu[3307]: sock_getline() : "200 1385461765"
Nov 26 10:29:25 cerberus aiccu[3307]: sock_printf() : "starttls"
Nov 26 10:29:26 cerberus aiccu[3307]: sock_getline() : "200 Go ahead, we are now talking securely"
Nov 26 10:29:26 cerberus aiccu[3307]: TLS Handshake failed: An unexpected TLS packet was received. (-15)
Nov 26 10:29:26 cerberus aiccu[3307]: Couldn't retrieve first tunnel for the above reason, aborting
IPv4 networking is working, with a default route via ppp0 (which has a 10.0.0.0/8 IP):
# ping sixxs.net
PING sixxs.net (213.197.30.67) 56(84) bytes of data.
64 bytes from gatey.sixxs.net (213.197.30.67): icmp_req=1 ttl=52 time=398 ms
64 bytes from gatey.sixxs.net (213.197.30.67): icmp_req=2 ttl=52 time=337 ms
64 bytes from gatey.sixxs.net (213.197.30.67): icmp_req=3 ttl=52 time=359 ms
64 bytes from gatey.sixxs.net (213.197.30.67): icmp_req=4 ttl=52 time=554 ms
64 bytes from gatey.sixxs.net (213.197.30.67): icmp_req=5 ttl=52 time=370 ms
64 bytes from gatey.sixxs.net (213.197.30.67): icmp_req=6 ttl=52 time=326 ms
^C64 bytes from gatey.sixxs.net (213.197.30.67): icmp_req=7 ttl=52 time=304 ms
--- sixxs.net ping statistics ---
7 packets transmitted, 7 received, 0% packet loss, time 6026ms
rtt min/avg/max/mdev = 304.175/378.727/554.813/77.351 ms
I wonder if Swisscom is poking around in the packet, or do not want people starting tunnels on their 3G network.
Thanks for any help,
regards,
Thorben
aiccu tls error via swisscom gprs usb modem
Shadow Hawkins on Tuesday, 26 November 2013 11:57:39
You can close this ticket.
It also stopped working via our network. Rebooting didn't help, but it seems a poweroff/on did. (Or maybe the wait over lunch)
Either way it appears to be working via swisscom and our own network, again.
aiccu tls error via swisscom gprs usb modem
Jeroen Massar on Tuesday, 26 November 2013 12:45:25 Nov 26 10:29:26 cerberus aiccu[3307]: sock_getline() : "200 Go ahead, we are now talking securely" Nov 26 10:29:26 cerberus aiccu[3307]: TLS Handshake failed: An unexpected TLS packet was received. (-15) Nov 26 10:29:26 cerberus aiccu[3307]: Couldn't retrieve first tunnel for the above reason, aborting
Only wireshark will be able to tell what really went wrong there (well, maybe not if the TLS stream was active already).
I wonder if Swisscom is poking around in the packet, or do not want people starting tunnels on their 3G network.
They should not. You are behind a NAT already and paying a rather large amount for the connectivity.
Posting is only allowed when you are logged in. |