Ticket ID: SIXXS #538961 Ticket Status: Invalid PoP: gblon02 - Goscomb Technologies (London)
sixxs-aiccu: Couldn't connect to the TIC server 77.75.104.126
Shadow Hawkins on Thursday, 21 June 2007 04:15:07
I have read and followed the "Reporting Problems" section on the Contact page and am providing the following details for this report based on the list of items stated there:
gateway3% uname -a
FreeBSD gateway3.doylestr.lan 6.2-STABLE FreeBSD 6.2-STABLE #13: Fri Apr 6 16:20:14 EST 2007 root@gateway3.doylestr.lan:/usr/obj/usr/src/sys/GENERIC-FW i386
sixxs-aiccu issues SYN from 203.206.177.213 -> 77.75.104.126 port 3874
and receives the reply:
RST, ACK from 77.75.104.126 -> 203.206.177.21
My config file is:
gateway3% cat /usr/local/etc/aiccu.conf
# AICCU Configuration
# Login information (defaults: none)
#username <your nichandle/username>
#password <your password>
username=******
password=*******
# Protocol and server to use for setting up the tunnel (defaults: none)
#protocol <tic|tsp|l2tp>
#server <server to use>
protocol tsp
server 77.75.104.126
#server tic://tic.sixxs.net
# Interface names to use (default: aiccu)
# ipv6_interface is the name of the interface that will be used as a tunnel interface.
# On *BSD the ipv6_interface should be set to gifX (eg gif0) for proto-41 tunnels
# or tunX (eg tun0) for AYIYA tunnels.
ipv6_interface sixxs
# The tunnel_id to use (default: none)
# (only required when there are multiple tunnels in the list)
#tunnel_id Txxxx
tunnel_id T11948
# Be verbose? (default: false)
verbose true
# Daemonize? (default: true)
# Set to false if you want to see any output
# When true output goes to syslog
#
# WARNING: never run AICCU from DaemonTools or a similar automated
# 'restart' tool/script. When AICCU does not start, it has a reason
# not to start which it gives on either the stdout or in the (sys)log
# file. The TIC server *will* automatically disable accounts which
# are detected to run in this mode.
#
daemonize true
# Automatic Login and Tunnel activation?
automatic true
# Require TLS?
# When set to true, if TLS is not supported on the server
# the TIC transaction will fail.
# When set to false, it will try a starttls, when that is
# not supported it will continue.
# In any case if AICCU is build with TLS support it will
# try to do a 'starttls' to the TIC server to see if that
# is supported.
requiretls false
# PID File
#pidfile /var/run/aiccu.pid
# Add a default route (default: true)
#defaultroute true
# Script to run after setting up the interfaces (default: none)
#setupscript /usr/local/etc/aiccu-subnets.sh
# Make heartbeats (default true)
# In general you don't want to turn this off
# Of course only applies to AYIYA and heartbeat tunnels not to static ones
#makebeats true
# Don't configure anything (default: false)
#noconfigure true
# Behind NAT (default: false)
# Notify the user that a NAT-kind network is detected
#behindnat true
behindnat false
# Local IPv4 Override (default: none)
# Overrides the IPv4 parameter received from TIC
# This allows one to configure a NAT into "DMZ" mode and then
# forwarding the proto-41 packets to an internal host.
#
# This is only needed for static proto-41 tunnels!
# AYIYA and heartbeat tunnels don't require this.
#local_ipv4_override
gateway3%
sixxs-aiccu: Couldn't connect to the TIC server 77.75.104.126
Jeroen Massar on Thursday, 21 June 2007 04:20:52
The TIC server for ALL PoPs is very simply tic.sixxs.net and nothing else unless you are not using SixXS.
"protocol tsp" is not supported, only 'tic' is supported by AICCU.
Which document mentioned that you should change those values? The defaults are fine.
State change: invalid
Jeroen Massar on Thursday, 21 June 2007 04:21:55
The state of this ticket has been changed to invalid
sixxs-aiccu: Couldn't connect to the TIC server 77.75.104.126
Shadow Hawkins on Thursday, 21 June 2007 10:09:13
I have read and followed the "Reporting Problems" section on the Contact page and am providing the following details for this report based on the list of items stated there:
I have changed the protocol to tic and still get the same result as reported in the original ticket.
tsp appeared in the original ticket as I tried it after tic failed.
In addition if I use telnet to tic.sixxs.net on port 3874 I get the following response:
gateway3% telnet tic.sixxs.net 3874
Trying 213.197.29.32...
Connected to noc.ipv4.sixxs.net.
Escape character is '^]'.
200 SixXS TIC Service on noc.sixxs.net ready (http://www.sixxs.net)
^C^C
^]
telnet> quit
Connection closed.
gateway3%
If I telnet to 77.75.104.126 DNS name gblon02.sixxs.net
telnet 77.75.104.126 3874
Trying 77.75.104.126...
telnet: connect to address 77.75.104.126: Connection refused
telnet: Unable to connect to remote host
gateway3%
sixxs-aiccu: Couldn't connect to the TIC server 77.75.104.126
Jeroen Massar on Thursday, 21 June 2007 13:07:14
There is NO TIC server on the PoP (gblon02.sixxs.net)
The tic server is ONLY on tic.sixxs.net
As such you have to have that or the default of commented out in the configuration file. Nothing else.
Posting is only allowed when you are logged in. |