Suspected Router/Firewall Issue - Can't process online payments

Hi Dave,

This connecting message that never connects means that you can’t connect to port 443 through all of the hops you see in the tracert; in other words you are not successful in you connection attempt.

I would then start to do the same process for the closest I.P. on the tracert and see if you can connect. If you are unsuccessful then you may have a port forwarding problem in your or one of the downstream routers.

Steve

Hey Steve,

Which IP were you referring to? The 195.66.237.1 443 which is the failed one…or the 77.246.38.189 which is the one that I didn’t get the error for and is also the last ‘hop’ in the screen shot.

Many thanks!

Dave

First try 192.168.1.254 this likely the internal address of your router.

Then if that passes try 217.47.214.186.

The process is to go through them one by one to see if the connection fails somewhere at the beginning or the middle as we know that it is failing at the end.

Hello,

It looks like the second one (IP 217.47.214.186) gave me this first "Could not open connection to the host , on port 443: Connect failed

Do I need to test the rest of these? Where do we go from here?

Cheers,

Dave

I would recommend that you get your collegue to try the same tracert and then subsequent telnet to see if your hops are resolving the same way. You do not need to do any more of these tests this shows that your not making past there with your request.

Here is a screen shot of the IP’s I tested and their results…I don’t know what it means but I’m sure it means something! LOL

Does this help?

Cheers,

Dave

Hi Dave,

Please also get your colleague to try the telnet to the 1st and 2nd and last I.P.

Coincidentally, they received the same hops as your tracert, so at least it will be a slightly better comparison.

Regards,
Steve

Hey Steve,

I think I should clarify that the images were the results from MY computer set up and not from the office.

I will have their computer here tonight (GMT) and then on the weekend, I will pop to the office and try from there to see what we come up with.

In the meantime, is there anything else I can check from here with my set up? You mentioned some other tools perhaps?

Many thanks!,

Dave

I see. Well it is looking like a) either a router problem (with configuration or just compatability) or a downstream router issue. Clearly this is not so straight forward as you can connect to thttps on port 443 and your Payment Processor says they only use that, so write now - given that your other office can connect we need to see what’s the difference. At the other office I would:

  1. Get the model of their router
  2. Make sure they are using the same I.S.P.
  3. If they are using the same router then log into the configuration of that router - you will need to get the admin password and may have to disconnect their network and plug it into a switch with (your laptop)->switch->router to access the admin; otherwise you may just be able to log into it from a computer connected to the network. Write down/take screen shots of the configuration.

You may also want to rule out a DNS problem. However you access the control panel to perform the payment upload, I would try this using the I.P. and not the host name; like:

  • =1]Let say the site you connect o is https://www.eway.com?processing =1… you would change this to https://77.246.38.189?processing=1
  • =1]In this way you are not using dns (routing via hosts) you are routing by I.P. . By testing it this way you are not affected by any DNS routing only the I.P. routers.
  • =1]If this works using the I.P. then you have a DNS problem.

[INDENT][/INDENT]

Basically as much information as you can collect from your office where it is working may help you get your setup correct.

Regards,
Steve

Hey Steve,

I tried the IP suggestion real quick and am still getting the same issue. A strange thing though, when doing it that way, there was a red cross through the https lock and letters https. Not sure what that means…probably nothing as when I clicked it, it still said it secure.

As for the other recommendations, just a quick point. The ISP at my home office is different than the ‘real’ office. How does that affect your recommendations above when look at point 2.

More to come…

Cheers,

Dave

Hi Dave,

The red cross is just telling you that the secure certificate does not match the domain you supplied - because you supplied an I.P. rather than the host name that the certificate is set under.

By doing the I.P. test we have ‘mostly’ ruled out DNS issues. I will elaborate if we need to look at this as a last resort :frowning:

The ISP question is designed to determine what port filtering they perform. If using the same ISP then we would not need to look at the ISP as a piece in the troubleshooting puzzle, however as they are different then your home ISP is still in play.

OK… a quick update.

I just tried my employee’s computer here on the home network and I am still getting the same problem.

I also used my computer and hooked directly up to the router instead of wirelessly…no dice.

I will be taking everything to the office to run some tests there and report back.

Many thanks for the help…input and ideas are always appreciated!

Cheers,

Dave

Hello,

After going to the office and trying the telnet and tracert, it would appear as though my problems are solved.

I think this may come down to a process from within eWay as we haven’t changed anything.

Thanks for all of the help Steve…I learned some new tricks! I really appreciate the time and efforts you put into this.

Cheers,

Dave

Hi Dave,

Glad you think it is solved. One question though, if your laptop works from the office network and other computers on the office network work then, but your laptop doesn’t work from home, then how is it solved? It could still be something with your home router?

Anyhow I am glad you learned a few new tricks, and do really hope it is solved :slight_smile:

Regards,
Steve

Once I tested it back at home, it was working fine. I don’t know exactly what went wrong, how or why…but it’s fixed!

(Watching GBR v CAN in volleyball…CAN is winning. I don’t think volleyball is GBR’s strong point!)

Cheers,

Dave

Ah definitely something on eWay’s side… you probably tipped them off to the problem :wink:

Canadian Volleyball is quite strong but not the strongest. Hope you have fun with the Olympics in your Country :smiley:

Steve

I don’t think they will admit is though…

Cheers,

Dave

No they most certainly won’t, but you, I and a couple hundred other people will know the real truth :smiley: Glad you are on your way and excellent job on providing further (relavant) imformation, even some that you weren’t asked about.

Regards,
Steve