Re: SSL only works locally

As we've just replied to you by email (please try not to double-post) The fact that it does not work is external to RangerMSP because the service does not 'care' where it is called from and what's its IP address is. From our experience it is most likely a firewall issue - either the port for SSL is blocked or the httpS protocol over it is. Besides, restricting SSL is not currently an option.

Hope this helps.

Re: SSL only works locally

@ nattivillin I'm assuming you have made the necessary adjustment to your firewall to alow the traffic to flow on port 4962?
Also what browser are you using?

Answer to the second question is turn off port forwarding on 4961 in the firewall once everything is working

Re: SSL only works locally

What specifically is the problem? Is it that you cannot login once you get to the logon page or is it that you cannot reach the logon page in the first place?

Re: SSL only works locally

I didnt double post. If you meant dont email and post things, here, i did that for the benefit of the community since they cant read our emails.

We had a slew of issues we had to fix. The primary fix to the problem listed here was a for formatting of the ip address in the ini file. We had the port at the end and commit said that was a nono. Even though that has worked for 5+ years, once we turned on the ssl, it no longer worked for whatever reason.

The other issues we had were local DNS issues. When the request went out for the a record it had to be routed back to us and the internal dns servers didn't know how to translate the external ip of the building to the internal ip of the server. (or something like that).

Commit suggested we add an entry to the local dns server so it worked on the lan as well and it did.

We had to pay someone $200 to get this working for us. Apparently nobody on staff knows enough about certs to get it to work, and i was tired of having customers data flying over the wire unencrypted.

Just thing about what target is going though right now. 70Million accounts compromised. 1/3 of the adult US population.

If one of my clients got hacked and it was found out what we had all their information stored in a system that could be accessed unencrypted we'd be out of business.

Now I just have to find a way to see failed login attempts without manually reading the log every day.

Re: SSL only works locally

Hi Nattivillin, I thought I would share a script I use to email the failed logon attempts to me. It will only email new attempts each time as it logs each line of text scanned in the registry.
I have marked the lines you need to edit clearly so you should all be able to work it out.
copy and paste it to notepad, save it as a .vbs, set it as a scheduled task to run say every 5 minutes, MAKE Sure you execute it with administrative privileges or it wont be able to write to the registry.
hope you enjoy:

Const cdoSendUsingMethod = "http://schemas.microsoft.com/cdo/configuration/sendusing", _
cdoSendUsingPort = 2, _
cdoSMTPServer = "http://schemas.microsoft.com/cdo/configuration/smtpserver"
Const ForReading = 1

Dim intStartAtLine, strFileCreateddate, i, strResults, strTextToScanFor

'who are you mailing to?
strMailto = "EMAILADDRESS GOES HERE"

'default email address the message will be from
strMailFrom = "EMAILFROMADDRESS GOES HERE"

'set SMTP email server address here
strSMTPServer = "MAILSERVER IP GOES HERE"

'full path to the file you wish to monitor
FileToRead = "\\SERVERNAME\<replace-with-the-path-to-the-failed-logins-log-file>"

Set WshShell = WScript.CreateObject("WScript.Shell")

On Error Resume Next
strLastFileCheckedCreateDate = WshShell.RegRead("HKLM\Software\RDScripts\CheckTXT File\CreateDate")
strLastFileLastLineChecked = WshShell.RegRead("HKLM\Software\RDScripts\CheckTXT File\LastLineChecked")

On Error GoTo 0

Set objFSO = WScript.CreateObject("Scripting.FileSystemObject")
Set varFile = objFSO.GetFile(FileToRead)

'add more text to scan for by adding ,"item" to the array below
' for example, to search for two strings:
' array("text1","text2")
arrTextToScanFor = Array("Invalid User Name or Password","error")

strFileCreateDate = varfile.datecreated

If CStr(strFileCreateDate) = CStr(strLastFileCheckedCreateDate) Then
'if the date when the current file was created DOES equal
' the date of the file that was checked last time - it's
' the same file.
'
'so, we would want to CONTINUE the search from where we
' last left off.
'MsgBox "TEST!"
intStartAtLine = strLastFileLastLineChecked


ElseIf strFileCreateDate <> strLastFileCheckedCreateDate Then
'if the date when the current file was created does not equal
' the date of the file that was checked last time - it's
' a new file that has been created.
'
'so, we would want to begin the search from the beginning of
' the file.

intStartAtLine = 0

End If

i = 0
Dim strNextLine
'MsgBox intStartAtLine



Set objTextFile = objFSO.OpenTextFile(FileToRead, ForReading)
Do While objTextFile.AtEndOfStream <> True
If i < CInt(intStartAtLine) Then
objTextFile.skipline
Else
'MsgBox i
strNextLine = objTextFile.Readline
For each strItem in arrTextToScanFor

If InStr(LCase(strNextLine),LCase(strItem)) Then
strResults = strNextLine & vbcrlf & strResults
'MsgBox strResults
End If
Next
End If
i = i + 1

Loop
'MsgBox strResults
objTextFile.close

set WshShell = CreateObject("WScript.Shell")
WshShell.RegWrite "HKLM\Software\RDScripts\CheckTXTFile\FileChec ked" , FileToRead, "REG_SZ"
WshShell.RegWrite "HKLM\Software\RDScripts\CheckTXTFile\CreateDa te", strFileCreateDate, "REG_SZ"
WshShell.RegWrite "HKLM\Software\RDScripts\CheckTXTFile\LastLine Chec ked", i, "REG_SZ"
WshShell.RegWrite "HKLM\Software\RDScripts\CheckTXTFile\LastScan ned" , Now, "REG_SZ"
set WshShell = nothing

If strResults <> "" Then Call sendmail(strMailFrom,strMailTo,"CommitCRM Web Failed Logon alert",strResults)

'------------------------------------------------------------------------
'Function EmailFile - email the warning file
'------------------------------------------------------------------------
Function SendMail(strFrom,strTo,strSubject,strMessage)
Dim iMsg, iConf, Flds
On Error GoTo 0

'// Create the CDO connections.
Set iMsg = CreateObject("CDO.Message")
Set iConf = CreateObject("CDO.Configuration")
Set Flds = iConf.Fields


'// SMTP server configuration.
With Flds
.Item(cdoSendUsingMethod) = cdoSendUsingPort

'// Set the SMTP server address here.
.Item(cdoSMTPServer) = strSMTPServer
.Update
End With

'// Set the message properties.
With iMsg
Set .Configuration = iConf
.To = strMailTo
.From = strMailFrom
.Subject = strSubject
.TextBody = strMessage
End With

'iMsg.HTMLBody = strMessage

'// Send the message.

iMsg.Send ' send the message.

If CStr(err.number) <> 0 Then

Else

End If
End Function

Re: SSL only works locally

Which file is the actual one that logs the attempts?

This is needed for line 18 of the script.

\\server\commitcrm\logs\??

Re: SSL only works locally

No. Please contact us by email for details.

Re: SSL only works locally

Can you just email me? I know you have it on file.

Re: SSL only works locally

Please contact us by email directly. We do not share any security related topic otherwise and the email should be originated from you. Thank you.