This is the mail archive of the cygwin mailing list for the Cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

RE: What is the proper mailing list for server issues?

Ok, I spoke too hastily.  It's possible a webserver blocks sites or the ISP blocks.
Also, perhaps can't resolve as Brian suggested.
Looking at your curl and openssl output I see this oddity

"No ALPN negotiated"
"ALPN, server did not agree to a protocol"

According to this site does not support HTTP/2.  Must be using 1.1.

Does this get you a web page?

curl -v --http1.0

You're not doing any port forwarding of 443?




I'm trying from several different machines in the house, some directly connected, as well as any thru the NAT interface.  This is the ONLY site I cannot reach normally.  I have to use the Tor browser to reach the site, and, even then, once I get a new cygwin setup .exe, the list of mirrors doesn't auto-fill because (surprise, surprise) I cannot connect via any known protocol to either or

The SSL certificates I get from a successful Tor hit and an unsuccessful
403 from home are identical

I am concluding that at least the address range 69.12.250.{40-47} are being blocked; and it probably extends beyond that.

Firewall is a Watchguard Firebox running pf_sense.  I get the 403 even with a direct (non-firewalled, non-routed connection)

I have attached two .txt file with runs from two servers within my house, one running NetBSD, one running Windows [thus the importance of cygwin].
Included are runs from 'host'/'nslookup', 'ping', 'traceroute', 'curl' 
and 'openssl'

This is NOT a local firewall issue, otherwise my other machines on different addresses would not have a problem.

smaug is my internal firewall.
stupidhead is the default next hop from said firewall.

"'s nothing to do with"

Sooooo, why else would I get a refusal from the web server from this address when I can connect from elsewhere ** and the SSL certificate is the same ** ??

What am I missing?

"...but there's nothing we can do from here."

Where is "here"? If "here" == "", you can't tell me if my IP is on an internal blacklist (and, moreso, why?)??

On 2017-04-21 08:06, Gluszczak, Glenn wrote:
> Agree, it's nothing to do with
> Check for a firewall on your local machine.  Check your home router to see if it has a firewall with restrictions.
> Perhaps you're passing through a proxy server or firewall at the ISP?
> Try traceroute or wget to analyze what site you're really attaching to.
> On 4/21/2017 2:35 AM, Greywolf wrote:
>> Hello,
>> I am having a server issue that neither I nor my ISP seem to be able
>> to resolve with regards to connecting to -- namely, only
>> from my house, I get a 403 Forbidden.
> This is _your_ problem.  Something has caused you to not be able to reach properly.  What IP address does resolve to?
> Does using the IP address directly work for you?
> $ ping
> Pinging [] with 32 bytes of data:
>> I've been round with my ISP and they are unable to reproduce the
>> issue; the response I get from here is "contact your ISP".  So who do
>> I contact about this?  Not being able to automagically fetch the
>> mirror list is annoying, and not being able to reach the site to see
>> about updates and such is similarly so.
> Understandable but nothing we can do from here.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]