Problems connecting Ammyy Admin

[Guest]

[enry.83]

Hi, I'm trying EFW 2.5.1, with proxy authenticated on Active Directory.
I have no problems with navigation.
I try some remote connections software like logmein, teamviewer and ammyy admin.
Teamviewer have no connection problem, LogMeIn requires username and password in the options field for become active,
but Ammyy admin does not work. It receive the ID but at the bottom of the ammyy window there are an error:

ERROR 1638661: failed to establish connection

I wait for your answer, thanks!

[kashifmax]

I don't know much about ammyy admin but I think the rule might be the issue. What the log (access.log) is saying ?

[enry.83]

That's the last strings of the Access.log

Jun 21 14:08:21 endian squid[4399]: 1340280501.361      0 10.0.0.85 TCP_DENIED/407 3203 CONNECT 62.75.223.96:443 - NONE/- text/html
Jun 21 14:08:21 endian squid[4399]: 1340280501.363      0 10.0.0.85 TCP_DENIED/407 3385 CONNECT 62.75.223.96:443 - NONE/- text/html
Jun 21 14:08:21 endian squid[4399]: 1340280501.422     58 10.0.0.85 TCP_MISS/000 320 CONNECT 62.75.223.96:443 utente FIRST_UP_PARENT/content1 -
Jun 21 14:08:21 endian squid[4399]: 1340280501.423     56 127.0.0.1 TCP_MISS/200 39 CONNECT 62.75.223.96:443 - DIRECT/62.75.223.96 -
Jun 21 14:08:27 endian squid[4399]: 1340280507.696      0 10.0.0.85 TCP_DENIED/407 3203 CONNECT 62.75.223.96:443 - NONE/- text/html
Jun 21 14:08:27 endian squid[4399]: 1340280507.697      0 10.0.0.85 TCP_DENIED/407 3385 CONNECT 62.75.223.96:443 - NONE/- text/html
Jun 21 14:08:27 endian squid[4399]: 1340280507.755     57 10.0.0.85 TCP_MISS/000 320 CONNECT 62.75.223.96:443 utente FIRST_UP_PARENT/content1 -
Jun 21 14:08:27 endian squid[4399]: 1340280507.756     55 127.0.0.1 TCP_MISS/200 39 CONNECT 62.75.223.96:443 - DIRECT/62.75.223.96 -
Jun 21 14:08:34 endian squid[4399]: 1340280514.029      0 10.0.0.85 TCP_DENIED/407 3203 CONNECT 62.75.223.96:443 - NONE/- text/html
Jun 21 14:08:34 endian squid[4399]: 1340280514.031      0 10.0.0.85 TCP_DENIED/407 3385 CONNECT 62.75.223.96:443 - NONE/- text/html
Jun 21 14:08:34 endian squid[4399]: 1340280514.078     47 10.0.0.85 TCP_MISS/000 320 CONNECT 62.75.223.96:443 utente FIRST_UP_PARENT/content1 -
Jun 21 14:08:34 endian squid[4399]: 1340280514.079     45 127.0.0.1 TCP_MISS/200 39 CONNECT 62.75.223.96:443 - DIRECT/62.75.223.96 -

[kashifmax]

The proxy authentication is happening because the client and squid requests credentials "TCP_DENIED/407" then the client repeats with credentials and gets admitted. But if it's looping back (credentials must be correct if any) than you have to dig in squid.conf. Try to add a rule for denied IP's in squid.conf.

Remember, if you add any new rule than it should be before "deny all". I think team viewer and log me in are enough :-)

[enry.83]

Hi, thanks for your answer!

But you mean that I've to exclude the external IP of the Ammyy router = 62.75.223.96

or my internal ip = 10.0.0.85 for bypass the authentication?

Thanks again!

[kashifmax]

Here it is.

To allow 10.0.0.85 everything (IP must be static, if you want to use mac address than use arp instead of src).

Code:

acl ammyadmin src 10.0.0.85
http_access allow ammyadmin

Or allow 62.75.223.96 to be accessed by all.

Code:

acl ammyadmin dstdomain 62.75.223.96
http_access allow ammyadmin

Read more about squid here...
http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch32_:_Controlling_Web_Access_with_Squid