Welcome, Guest. Please login or register.
Did you miss your activation email?
Tuesday 10 December 2024, 02:22:26 am

Login with username, password and session length

The Latest Endian Firewall is now available for download HERE
14261 Posts in 4377 Topics by 6517 Members
Latest Member: Sandro
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  EFW SMTP, HTTP, SIP, FTP Proxy Support
| | |-+  Problems connecting Ammyy Admin
0 Members and 0 Guests are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: Problems connecting Ammyy Admin  (Read 44802 times)
enry.83
Jr. Member
*
Offline Offline

Posts: 4


« on: Wednesday 20 June 2012, 09:41:42 pm »

Hi, I'm trying EFW 2.5.1, with proxy authenticated on Active Directory.
I have no problems with navigation.
I try some remote connections software like logmein, teamviewer and ammyy admin.
Teamviewer have no connection problem, LogMeIn requires username and password in the options field for become active,
but Ammyy admin does not work. It receive the ID but at the bottom of the ammyy window there are an error:

ERROR 1638661: failed to establish connection

I wait for your answer, thanks!
Logged
kashifmax
Sr. Member
****
Offline Offline

Gender: Female
Posts: 108


« Reply #1 on: Thursday 21 June 2012, 06:22:21 pm »

I don't know much about ammyy admin but I think the rule might be the issue. What the log (access.log) is saying ?
Logged
enry.83
Jr. Member
*
Offline Offline

Posts: 4


« Reply #2 on: Thursday 21 June 2012, 10:11:11 pm »

That's the last strings of the Access.log

Jun 21 14:08:21 endian squid[4399]: 1340280501.361      0 10.0.0.85 TCP_DENIED/407 3203 CONNECT 62.75.223.96:443 - NONE/- text/html
Jun 21 14:08:21 endian squid[4399]: 1340280501.363      0 10.0.0.85 TCP_DENIED/407 3385 CONNECT 62.75.223.96:443 - NONE/- text/html
Jun 21 14:08:21 endian squid[4399]: 1340280501.422     58 10.0.0.85 TCP_MISS/000 320 CONNECT 62.75.223.96:443 utente FIRST_UP_PARENT/content1 -
Jun 21 14:08:21 endian squid[4399]: 1340280501.423     56 127.0.0.1 TCP_MISS/200 39 CONNECT 62.75.223.96:443 - DIRECT/62.75.223.96 -
Jun 21 14:08:27 endian squid[4399]: 1340280507.696      0 10.0.0.85 TCP_DENIED/407 3203 CONNECT 62.75.223.96:443 - NONE/- text/html
Jun 21 14:08:27 endian squid[4399]: 1340280507.697      0 10.0.0.85 TCP_DENIED/407 3385 CONNECT 62.75.223.96:443 - NONE/- text/html
Jun 21 14:08:27 endian squid[4399]: 1340280507.755     57 10.0.0.85 TCP_MISS/000 320 CONNECT 62.75.223.96:443 utente FIRST_UP_PARENT/content1 -
Jun 21 14:08:27 endian squid[4399]: 1340280507.756     55 127.0.0.1 TCP_MISS/200 39 CONNECT 62.75.223.96:443 - DIRECT/62.75.223.96 -
Jun 21 14:08:34 endian squid[4399]: 1340280514.029      0 10.0.0.85 TCP_DENIED/407 3203 CONNECT 62.75.223.96:443 - NONE/- text/html
Jun 21 14:08:34 endian squid[4399]: 1340280514.031      0 10.0.0.85 TCP_DENIED/407 3385 CONNECT 62.75.223.96:443 - NONE/- text/html
Jun 21 14:08:34 endian squid[4399]: 1340280514.078     47 10.0.0.85 TCP_MISS/000 320 CONNECT 62.75.223.96:443 utente FIRST_UP_PARENT/content1 -
Jun 21 14:08:34 endian squid[4399]: 1340280514.079     45 127.0.0.1 TCP_MISS/200 39 CONNECT 62.75.223.96:443 - DIRECT/62.75.223.96 -
Logged
kashifmax
Sr. Member
****
Offline Offline

Gender: Female
Posts: 108


« Reply #3 on: Sunday 24 June 2012, 12:04:40 am »

The proxy authentication is happening because the client and squid requests credentials "TCP_DENIED/407" then the client repeats with credentials and gets admitted. But if it's looping back (credentials must be correct if any) than you have to dig in squid.conf. Try to add a rule for denied IP's in squid.conf.

Remember, if you add any new rule than it should be before "deny all". I think team viewer and log me in are enough :-)
Logged
enry.83
Jr. Member
*
Offline Offline

Posts: 4


« Reply #4 on: Monday 25 June 2012, 10:36:45 pm »

Hi, thanks for your answer!

But you mean that I've to exclude the external IP of the Ammyy router = 62.75.223.96

or my internal ip = 10.0.0.85 for bypass the authentication?

Thanks again!
Logged
kashifmax
Sr. Member
****
Offline Offline

Gender: Female
Posts: 108


« Reply #5 on: Wednesday 27 June 2012, 08:04:10 pm »

Here it is.

To allow 10.0.0.85 everything (IP must be static, if you want to use mac address than use arp instead of src).
Code:
acl ammyadmin src 10.0.0.85
http_access allow ammyadmin

Or allow 62.75.223.96 to be accessed by all.
Code:
acl ammyadmin dstdomain 62.75.223.96
http_access allow ammyadmin

Read more about squid here...
http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch32_:_Controlling_Web_Access_with_Squid
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.109 seconds with 19 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com