site to site VPN between GPC and Fortinet 800C - google-compute-engine

I have a site-to-site VPN configuration between a Fortinet 800C and Google Cloud VPN, set up as in this link: https://cloud.google.com/files/CloudVPNGuide-UsingCloudVPNwithFortinetFortiGate300C.pdf.
But it's not successful. The logs look like this, repeated over and over:
16:43:36.240 sending packet: from 146.148.29.x[500] to 27.72.57.x[500] (640 bytes)
16:43:36.547 received packet: from 27.72.57.x[500] to 146.148.29.x[500] (360 bytes)
16:43:36.548 parsed IKE_SA_INIT request 0 [ SA KE No ]
16:43:36.548 27.72.57.x is initiating an IKE_SA
16:43:36.559 generating IKE_SA_INIT response 0 [ SA KE No N(MULT_AUTH) ]
16:43:36.559 sending packet: from 146.148.29.x[500] to 27.72.57.x[500] (384 bytes)
16:43:36.565 received packet: from 27.72.57.x[500] to 146.148.29.x[500] (360 bytes)
16:43:36.565 parsed IKE_SA_INIT response 0 [ SA KE No ]
16:43:36.571 authentication of '146.148.29.x' (myself) with pre-shared key
16:43:36.571 establishing CHILD_SA vpn_27.72.57.x{1}
16:43:36.571 generating IKE_AUTH request 1 [ IDi N(INIT_CONTACT) IDr AUTH SA TSi TSr N(EAP_ONLY) ]
16:43:36.572 sending packet: from 146.148.29.x[500] to 27.72.57.x[500] (316 bytes)
16:43:36.885 received packet: from 27.72.57.x[500] to 146.148.29.x[500] (204 bytes)
16:43:36.886 parsed IKE_AUTH request 1 [ IDi AUTH N(MSG_ID_SYN_SUP) SA TSi TSr ]
16:43:36.886 looking for peer configs matching 146.148.29.x[%any]...27.72.57.x[192.168.0.x]
16:43:36.886 no matching peer config found
16:43:36.886 generating IKE_AUTH response 1 [ N(AUTH_FAILED) ]
16:43:36.886 sending packet: from 146.148.29.x[500] to 27.72.57.x[500] (76 bytes)
16:43:36.891 received packet: from 27.72.57.x[500] to 146.148.29.x[500] (124 bytes)
16:43:36.891 parsed IKE_AUTH response 1 [ IDr AUTH N(TS_UNACCEPT) ]
16:43:36.891 authentication of '192.168.0.x' with pre-shared key successful
16:43:36.891 constraint check failed: identity '27.72.57.x' required
16:43:36.891 selected peer config 'vpn_27.72.57.x' inacceptable: constraint checking failed
16:43:36.891 no alternative config found
16:43:36.891 generating INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
16:43:36.891 sending packet: from 146.148.29.x[500] to 27.72.57.x[500] (76 bytes)
16:43:37.887 received packet: from 27.72.57.x[500] to 146.148.29.x[500] (360 bytes)
16:43:37.888 parsed IKE_SA_INIT request 0 [ SA KE No ]
16:43:37.888 27.72.57.140 is initiating an IKE_SA
16:43:37.900 generating IKE_SA_INIT response 0 [ SA KE No N(MULT_AUTH) ]
I'd be very grateful if someone can spot my mistake. Thank you.

My guess is that cloud VPN and Fortinet device are not configured to the same IKE version. Please check that.
Also, try looking at the status message of the VPN as displayed in the cloud console, or using 'gcloud compute vpn-tunnels describe' in command line.

It looks like one or more of the phase 1 settings did not match up on both sides. Without looking at the actual config, I cannot determine which. But generally, check the pre-shared key, authentication and encryption algorithm, DH groups, IP of the remote gateway and the outgoing interface of the connection. These factors have to match. Also, if you have NAT-Traversal enabled on one end, it has to be enabled on the other end as well.

I agree with the previous answers. The logs say that phase 1 could not be established. So the parameters are not equal.
It seems that the PSK (pre-shared key) is equal:
"authentication of '192.168.0.x' with pre-shared key successful"
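
A triage pass over the log lines quoted in the question, as an added example (not part of the original thread): it extracts which identity the peer authenticated as, which identity the local config required, and which failure notifies were exchanged. The sample is a subset of the question's log; the function names and the choice of which notifies to treat as failures are assumptions of this example.

```python
import re

# Constructed sample: a subset of the log lines from the question, with each
# timestamp joined to its message.
SAMPLE_LOG = """\
16:43:36.571 authentication of '146.148.29.x' (myself) with pre-shared key
16:43:36.886 looking for peer configs matching 146.148.29.x[%any]...27.72.57.x[192.168.0.x]
16:43:36.886 no matching peer config found
16:43:36.886 generating IKE_AUTH response 1 [ N(AUTH_FAILED) ]
16:43:36.891 parsed IKE_AUTH response 1 [ IDr AUTH N(TS_UNACCEPT) ]
16:43:36.891 authentication of '192.168.0.x' with pre-shared key successful
16:43:36.891 constraint check failed: identity '27.72.57.x' required
16:43:36.891 selected peer config 'vpn_27.72.57.x' inacceptable: constraint checking failed
16:43:36.891 generating INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
"""

# local_addr[local_id]...remote_addr[remote_id]
LOOKUP = re.compile(r"looking for peer configs matching "
                    r"(\S+?)\[([^\]]*)\]\.\.\.(\S+?)\[([^\]]*)\]")
PSK_OK = re.compile(r"authentication of '([^']+)' with pre-shared key successful")
ID_REQUIRED = re.compile(r"constraint check failed: identity '([^']+)' required")
NOTIFY = re.compile(r"N\(([A-Z_]+)\)")

# Assumption of this example: only these two notifies from the log are treated
# as failures; MULT_AUTH, INIT_CONTACT, EAP_ONLY and MSG_ID_SYN_SUP are not.
FAILURE_NOTIFIES = {"AUTH_FAILED", "TS_UNACCEPT"}


def triage_ike_log(text):
    """Collect the identity and notify facts from an IKEv2 negotiation log."""
    finding = {"peer_address": None, "presented_id": None, "verified_id": None,
               "required_id": None, "failure_notifies": []}
    for line in text.splitlines():
        m = LOOKUP.search(line)
        if m:
            finding["peer_address"] = m.group(3)
            finding["presented_id"] = m.group(4)
        m = PSK_OK.search(line)
        if m:
            finding["verified_id"] = m.group(1)
        m = ID_REQUIRED.search(line)
        if m:
            finding["required_id"] = m.group(1)
        for name in NOTIFY.findall(line):
            if name in FAILURE_NOTIFIES and name not in finding["failure_notifies"]:
                finding["failure_notifies"].append(name)
    finding["psk_verified"] = finding["verified_id"] is not None
    # The PSK check passed, yet the identity the peer used is not the required one.
    finding["identity_mismatch"] = (
        finding["psk_verified"]
        and finding["required_id"] is not None
        and finding["required_id"] != finding["verified_id"])
    return finding


def summarize(finding):
    """Turn the finding into short lines for a ticket or runbook."""
    out = []
    if finding["psk_verified"]:
        out.append(f"pre-shared key verified for identity {finding['verified_id']}")
    if finding["identity_mismatch"]:
        out.append(f"peer at {finding['peer_address']} identified itself as "
                   f"{finding['verified_id']}, local config requires "
                   f"{finding['required_id']}")
    if finding["failure_notifies"]:
        out.append("failure notifies: " + ", ".join(finding["failure_notifies"]))
    return out


if __name__ == "__main__":
    for line in summarize(triage_ike_log(SAMPLE_LOG)):
        print(line)
```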

Server denies request due to wrong Domain coming from Fritzbox

I am trying to reach my local server via IPv6 which is failing due to certificate issues.
E.g. the nextcloud client gives following error:
$nextcloudcmd --trust --logdebug Nextcloud https://nextcloud.domain.de
10-20 12:47:43:798 [ info nextcloud.sync.accessmanager ]: 2 "" "https://nextcloud.domain.de/ocs/v1.php/cloud/capabilities?format=json" has X-Request-ID "19a2a694-1912-4813-b3f5-2d4d5720fa80"
10-20 12:47:43:799 [ info nextcloud.sync.networkjob ]: OCC::JsonApiJob created for "https://nextcloud.domain.de" + "ocs/v1.php/cloud/capabilities" ""
10-20 12:47:43:955 [ info nextcloud.sync.account ]: "SSL-Errors happened for url \"https://nextcloud.domain.de/ocs/v1.php/cloud/capabilities?format=json\" \tError in QSslCertificate(\"3\", \"f9:8e:0f:4f:bd:4b:a3:5f\", \"hkXxG7tBu+SGaRSBZ9gRyw==\", \"<hostname>.domain.de\", \"<hostname>.domain.de\", QMap((1, \"www.fritz.nas\")(1, \"fritz.nas\")(1, \"<WiFi-Name>\")(1, \"www.myfritz.box\")(1, \"myfritz.box\")(1, \"www.fritz.box\")(1, \"fritz.box\")(1, \"<hostname>.domain.de\")), QDateTime(2019-10-19 12:32:25.000 UTC Qt::UTC), QDateTime(2038-01-15 12:32:25.000 UTC Qt::UTC)) : \"The host name did not match any of the valid hosts for this certificate\" ( \"The host name did not match any of the valid hosts for this certificate\" ) \n \tError in QSslCertificate(\"3\", \"f9:8e:0f:4f:bd:4b:a3:5f\", \"hkXxG7tBu+SGaRSBZ9gRyw==\", \"<hostname>.domain.de\", \"<hostname>.domain.de\", QMap((1, \"www.fritz.nas\")(1, \"fritz.nas\")(1, \"<WiFi-Name>\")(1, \"www.myfritz.box\")(1, \"myfritz.box\")(1, \"www.fritz.box\")(1, \"fritz.box\")(1, \"<hostname>.domain.de\")), QDateTime(2019-10-19 12:32:25.000 UTC Qt::UTC), QDateTime(2038-01-15 12:32:25.000 UTC Qt::UTC)) : \"The certificate is self-signed, and untrusted\" ( \"The certificate is self-signed, and untrusted\" ) \n " Certs are known and trusted! This is not an actual error.
10-20 12:47:43:964 [ warning nextcloud.sync.networkjob ]: QNetworkReply::ProtocolInvalidOperationError "Server replied \"400 Bad Request\" to \"GET https://nextcloud.domain.de/ocs/v1.php/cloud/capabilities?format=json\"" QVariant(int, 400)
10-20 12:47:43:964 [ info nextcloud.sync.networkjob.jsonapi ]: JsonApiJob of QUrl("https://nextcloud.domain.de/ocs/v1.php/cloud/capabilities?format=json") FINISHED WITH STATUS "ProtocolInvalidOperationError Server replied \"400 Bad Request\" to \"GET https://nextcloud.domain.de/ocs/v1.php/cloud/capabilities?format=json\""
10-20 12:47:43:964 [ warning nextcloud.sync.networkjob.jsonapi ]: Network error: "ocs/v1.php/cloud/capabilities" "Server replied \"400 Bad Request\" to \"GET https://nextcloud.domain.de/ocs/v1.php/cloud/capabilities?format=json\"" QVariant(int, 400)
10-20 12:47:43:964 [ debug default ] [ main(int, char**)::<lambda ]: Server capabilities QJsonObject()
Error connecting to server
I wonder why Fritzbox tries to request via .domain.de instead of nextcloud.domain.de.
Can anyone point me into the right direction?
Okay, I got information from the site (German: https://avm.de/service/fritzbox/fritzbox-7580/wissensdatenbank/publication/show/3525_Zugriff-auf-HTTPS-Server-im-Heimnetz-nicht-moglich#zd) which led me to the following conclusion.
As you do not have NAT for IPv6 addresses and the Fritzbox cannot do it either, the IPv6 has to be from the server. Thus one solution I found is ddclient. When installed on your GNU/Linux server, it will update the IPv6 address at your DynDNS provider.
But one thing is still open. I cannot get both IPv4 and IPv6 updated.

Autoscaling Deployment with custom metrics on Openshift 1.5.0

Is there any possibility to autoscale deployment with Openshift Origin 1.5.0 (kubernetes 1.5.2) and use custom metrics for this purpose?
The Kubernetes documentation states that autoscaling with custom metrics is supported from version 1.2. It looks true, because the OpenShift horizontal pod autoscaler (HPA) tries to fetch some metrics and calculate the desired metrics. But my configuration fails to do this. Guys, please help me find what I am doing wrong here.
So, what happens:
I have set up a metrics as it is recommended in Origin latest docs (all steps are passed): https://docs.openshift.org/latest/install_config/cluster_metrics.html;
I have an app, which is being deployed with Deployment kind object;
this app exposes custom metrics with http json endpoint;
custom metrics are being collected and stored - this is shown in Openshift origin UI in Metrics tab of corresponding pod;
after I create the HPA, a warning about collecting custom metrics appears; it says something like 'Failed collecting custom metrics, did not recieve metrics for any ready pods';
I create HPA with API version 1 and include an annotation alpha/target.custom-metrics.podautoscaler.kubernetes.io: '{"items":[{"name":"requests_count", "value": "10"}]}';
if I request a deployed heapster app through master-proxy, I receive something like this
{
  "metadata": {},
  "items": [
    {
      "metadata": {
        "name": "resty-1722683747-kmbw0",
        "namespace": "availability-demo",
        "creationTimestamp": "2017-05-24T09:50:24Z"
      },
      "timestamp": "2017-05-24T09:50:00Z",
      "window": "1m0s",
      "containers": [
        {
          "name": "resty",
          "usage": {
            "cpu": "0",
            "memory": "2372Ki"
          }
        }
      ]
    }
  ]
}
As you can see, there are really no custom metrics here, and my custom metric is named requests_count.
What steps should I take to succeed in implementing custom metrics autoscaling?
Screenshot with custom metrics being collected and exposed via Openshift Console UI
UPDATE:
In openshift master log warning looks like this:
I0524 10:17:47.537985 1 panics.go:76] GET /apis/extensions/v1beta1/namespaces/availability-demo/deployments/resty/scale: (3.379724ms) 200 [[openshift/v1.5.2+43a9be4 (linux/amd64) kubernetes/43a9be4 system:serviceaccount:openshift-infra:hpa-controller] 10.105.8.81:33945]
I0524 10:17:47.543354 1 panics.go:76] GET /api/v1/proxy/namespaces/openshift-infra/services/https:heapster:/apis/metrics/v1alpha1/namespaces/availability-demo/pods?labelSelector=app%3Dresty: (4.830135ms) 200 [[openshift/v1.5.2+43a9be4 (linux/amd64) kubernetes/43a9be4 system:serviceaccount:openshift-infra:hpa-controller] 10.105.8.81:33945]
I0524 10:17:47.553255 1 panics.go:76] GET /api/v1/namespaces/availability-demo/pods?labelSelector=app%3Dresty: (8.864864ms) 200 [[openshift/v1.5.2+43a9be4 (linux/amd64) kubernetes/43a9be4 system:serviceaccount:openshift-infra:hpa-controller] 10.105.8.81:33945]
I0524 10:17:47.559909 1 panics.go:76] GET /api/v1/namespaces/availability-demo/pods?labelSelector=app%3Dresty: (5.725342ms) 200 [[openshift/v1.5.2+43a9be4 (linux/amd64) kubernetes/43a9be4 system:serviceaccount:openshift-infra:hpa-controller] 10.105.8.81:33945]
I0524 10:17:47.560977 1 panics.go:76] PATCH /api/v1/namespaces/availability-demo/events/resty.14c14bbf8b89534c: (6.385846ms) 200 [[openshift/v1.5.2+43a9be4 (linux/amd64) kubernetes/43a9be4 system:serviceaccount:openshift-infra:hpa-controller] 10.105.8.81:33945]
I0524 10:17:47.565418 1 panics.go:76] GET /api/v1/proxy/namespaces/openshift-infra/services/https:heapster:/api/v1/model/namespaces/availability-demo/pod-list/resty-1722683747-kmbw0/metrics/custom/requests_count?start=2017-05-24T10%3A12%3A47Z: (5.015336ms) 200 [[openshift/v1.5.2+43a9be4 (linux/amd64) kubernetes/43a9be4 system:serviceaccount:openshift-infra:hpa-controller] 10.105.8.81:33945]
I0524 10:17:47.569843 1 panics.go:76] GET /api/v1/namespaces/availability-demo/pods?labelSelector=app%3Dresty: (4.040029ms) 200 [[openshift/v1.5.2+43a9be4 (linux/amd64) kubernetes/43a9be4 system:serviceaccount:openshift-infra:hpa-controller] 10.105.8.81:33945]
I0524 10:17:47.575530 1 panics.go:76] PUT /apis/autoscaling/v1/namespaces/availability-demo/horizontalpodautoscalers/resty/status: (4.894835ms) 200 [[openshift/v1.5.2+43a9be4 (linux/amd64) kubernetes/43a9be4 system:serviceaccount:openshift-infra:hpa-controller] 10.105.8.81:33945]
I0524 10:17:47.575856 1 horizontal.go:438] Successfully updated status for resty
W0524 10:17:47.575890 1 horizontal.go:104] Failed to reconcile resty: failed to compute desired number of replicas based on Custom Metrics for Deployment/availability-demo/resty: failed to get custom metric value: did not recieve metrics for any ready pods
UPDATE: Found the request the HPA issues to heapster through the proxy to gather custom metrics. This request always returns an empty metrics array:
GET /api/v1/proxy/namespaces/openshift-infra/services/https:heapster:/api/v1/model/namespaces/availability-demo/pod-list/availability-example-1694583826-55hqh/metrics/custom/requests_count?start=2017-05-25T13%3A14%3A24Z HTTP/1.1
Host: kubernetes-master:8443
Authorization: Bearer hpa-agent-token
And it returns
{"items":[{"metrics":[],"latestTimestamp":"0001-01-01T00:00:00Z"}]}
UPDATE: It turns out that the HPA queries heapster through the proxy, and heapster, in turn, queries the Kubernetes "summary" API. Then the question is: why does the Kubernetes "summary" API not answer with metrics for the above-mentioned request, though the metrics exist?
Might be a wild guess, but I had the issue myself on a self-made cluster. The two things I ran into were token issues, where the certificate of my HA master setup was not set up correctly, and another issue regarding my kubedns. Not sure if this is applicable to OpenShift.

DKIM hmailserver and NameCheap Setup

I've been trying to set up my hmailserver with DKIM.
I was following this guide -> https://www.hmailserver.com/forum/viewtopic.php?t=29402
And I created my keys with this site -> https://www.port25.com/dkim-wizard/
Domain name: linnabary.us
DomainKey Selector: dkim
Key size: 1024
I created a pem file;
-----BEGIN RSA PRIVATE KEY-----
<key>
-----END RSA PRIVATE KEY-----
Saved it and loaded it into hmailserver
When I set this up on NameCheap I selected TXT Record, set my host as #, and put this line in, minus key of course;
v=DKIM1; k=rsa; p=<KEY>
Now when I test with -> http://www.isnotspam.com
It says my DKIM key is as follows;
----------------------------------------------------------
DKIM check details:
----------------------------------------------------------
Result: invalid
ID(s) verified: header.From=admin#linnabary.us
Selector=
domain=
DomainKeys DNS Record=._domainkey.
I was wondering if I am making any obvious errors in my record.
Edit;
The email contains the following line;
dkim-signature: v=1; a=rsa-sha256; d=linnabary.us; s=dkim;
This is what the setup looks like on NameCheap;
And here is the next test email from ;
This message is an automatic response from isNOTspam's authentication verifier service. The service allows email senders to perform a simple check of various sender authentication mechanisms. It is provided free of charge, in the hope that it is useful to the email community. While it is not officially supported, we welcome any feedback you may have at .
Thank you for using isNOTspam.
The isNOTspam team
==========================================================
Summary of Results
==========================================================
SPF Check : pass
Sender-ID Check : pass
DKIM Check : invalid
SpamAssassin Check : ham (non-spam)
==========================================================
Details:
==========================================================
HELO hostname: [69.61.241.46]
Source IP: 69.61.241.46
mail-from: admin#linnabary.us
Anonymous To: ins-a64wsfm3#isnotspam.com
---------------------------------------------------------
SPF check details:
----------------------------------------------------------
Result: pass
ID(s) verified: smtp.mail=admin#linnabary.us
DNS record(s):
linnabary.us. 1799 IN TXT "v=spf1 a mx ip4:69.61.241.46 ~all"
----------------------------------------------------------
Sender-ID check details:
----------------------------------------------------------
Result: pass
ID(s) verified: smtp.mail=admin#linnabary.us
DNS record(s):
linnabary.us. 1799 IN TXT "v=spf1 a mx ip4:69.61.241.46 ~all"
----------------------------------------------------------
DKIM check details:
----------------------------------------------------------
Result: invalid
ID(s) verified: header.From=admin#linnabary.us
Selector=
domain=
DomainKeys DNS Record=._domainkey.
----------------------------------------------------------
SpamAssassin check details:
----------------------------------------------------------
SpamAssassin 3.4.1 (2015-04-28)
Result: ham (non-spam) (04.6points, 10.0 required)
pts rule name description
---- ---------------------- -------------------------------
* 3.5 BAYES_99 BODY: Bayes spam probability is 99 to 100%
* [score: 1.0000]
* -0.0 SPF_HELO_PASS SPF: HELO matches SPF record
* -0.0 SPF_PASS SPF: sender matches SPF record
* 0.2 BAYES_999 BODY: Bayes spam probability is 99.9 to 100%
* [score: 1.0000]
* 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily
* valid
* 0.8 RDNS_NONE Delivered to internal network by a host with no rDNS
* 0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid
X-Spam-Status: Yes, hits=4.6 required=-20.0 tests=BAYES_99,BAYES_999,
DKIM_SIGNED,RDNS_NONE,SPF_HELO_PASS,SPF_PASS,T_DKIM_INVALID autolearn=no
autolearn_force=no version=3.4.0
X-Spam-Score: 4.6
To learn more about the terms used in the SpamAssassin report, please search
here: http://wiki.apache.org/spamassassin/
==========================================================
Explanation of the possible results (adapted from
draft-kucherawy-sender-auth-header-04.txt):
==========================================================
"pass"
the message passed the authentication test.
"fail"
the message failed the authentication test.
"softfail"
the message failed the authentication test, and the authentication
method has either an explicit or implicit policy which doesn't require
successful authentication of all messages from that domain.
"neutral"
the authentication method completed without errors, but was unable
to reach either a positive or a negative result about the message.
"temperror"
a temporary (recoverable) error occurred attempting to authenticate
the sender; either the process couldn't be completed locally, or
there was a temporary failure retrieving data required for the
authentication. A later retry may produce a more final result.
"permerror"
a permanent (unrecoverable) error occurred attempting to
authenticate the sender; either the process couldn't be completed
locally, or there was a permanent failure retrieving data required
for the authentication.
==========================================================
Original Email
==========================================================
From admin#linnabary.us Wed Apr 12 17:41:22 2017
Return-path: <admin#linnabary.us>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on isnotspam.com
X-Spam-Flag: YES
X-Spam-Level: ****
X-Spam-Report:
* 3.5 BAYES_99 BODY: Bayes spam probability is 99 to 100%
* [score: 1.0000]
* -0.0 SPF_HELO_PASS SPF: HELO matches SPF record
* -0.0 SPF_PASS SPF: sender matches SPF record
* 0.2 BAYES_999 BODY: Bayes spam probability is 99.9 to 100%
* [score: 1.0000]
* 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily
* valid
* 0.8 RDNS_NONE Delivered to internal network by a host with no rDNS
* 0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid
X-Spam-Status: Yes, hits=4.6 required=-20.0 tests=BAYES_99,BAYES_999,
DKIM_SIGNED,RDNS_NONE,SPF_HELO_PASS,SPF_PASS,T_DKIM_INVALID autolearn=no
autolearn_force=no version=3.4.0
Envelope-to: ins-a64wsfm3#isnotspam.com
Delivery-date: Wed, 12 Apr 2017 17:41:22 +0000
Received: from [69.61.241.46] (helo=linnabary.us)
by localhost.localdomain with esmtp (Exim 4.84_2)
(envelope-from <admin#linnabary.us>)
id 1cyMGg-0007x2-1Q
for ins-a64wsfm3#isnotspam.com; Wed, 12 Apr 2017 17:41:22 +0000
dkim-signature: v=1; a=rsa-sha256; d=linnabary.us; s=dkim;
c=relaxed/relaxed; q=dns/txt; h=From:Subject:Date:Message-ID:To:MIME-Version:Content-Type:Content-Transfer-Encoding;
bh=Ns4aRUgWUtil4fiVnvitgeV+q1K/smEYtRGN497S5Ew=;
b=Nc2Kzrzas0QqMpWM4fnF5o5wLWlWYFxlGlAipe+85H9cwGgc4hvEKUj1UvgB6I2VHUbJ0OGN/sJO9tjWgwlGypaUuW7Q8x/iI0UtC6cn7X6ZLHT+K6A2A6MdoyR1NF4xxvqPadcmcQwnrY0Tth4ycydpQMlBCZS30sc1qUjUrN0=
Received: from [192.168.1.12] (Aurora [192.168.1.12])
by linnabary.us with ESMTPA
; Wed, 12 Apr 2017 13:41:28 -0400
To: ins-a64wsfm3#isnotspam.com
From: Admin <admin#linnabary.us>
Subject: Welcome to Linnabary
Message-ID: <8e8be6cd-6354-aeb9-b577-2b0efc25a1a1#linnabary.us>
Date: Wed, 12 Apr 2017 13:41:28 -0400
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101
Thunderbird/45.8.0
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
X-DKIM-Status: invalid (pubkey_unavailable)
I honestly have no idea what I should put in here in order to protect
myself from filters, so I'm just making it up as I go.
- Tad
The Host value for your TXT entry should just be dkim._domainkey. Currently your domain key is located at: dkim._domainkey.linnabary.us.linnabary.us, so you're not supposed to add the domain here.
That's why the response to the test email says X-DKIM-Status: invalid (pubkey_unavailable) - the public key can't be found where it is supposed to be.
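
The lookup-name arithmetic behind this answer, as an added example (not from the original thread): a verifier queries `<s>._domainkey.<d>` taken from the DKIM-Signature header, while a DNS panel that treats the Host field as relative appends the zone to whatever is entered. The function names are hypothetical, the zone-appending behaviour is the assumption the answer describes, and the `bh=`/`b=` values in the sample are placeholders.

```python
# Constructed sample: the tag list of the DKIM-Signature header from the
# question, with the bh= and b= values replaced by placeholders.
SIGNATURE = ("v=1; a=rsa-sha256; d=linnabary.us; s=dkim; c=relaxed/relaxed; "
             "q=dns/txt; h=From:Subject:Date:Message-ID:To; "
             "bh=PLACEHOLDER=; b=PLACEHOLDER=")


def parse_tag_list(value):
    """Parse a DKIM 'tag=value; tag=value' list into a dict."""
    tags = {}
    for part in value.split(";"):
        # Split on the first '=' only: base64 values may end in '=' padding.
        name, sep, val = part.partition("=")
        if sep:
            # Folding whitespace inside a value is not significant.
            tags[name.strip()] = "".join(val.split())
    return tags


def dkim_query_name(signature):
    """DNS name a verifier looks up for this signature: <s>._domainkey.<d>."""
    tags = parse_tag_list(signature)
    missing = [t for t in ("s", "d") if not tags.get(t)]
    if missing:
        raise ValueError("signature lacks required tag(s): " + ", ".join(missing))
    return f"{tags['s']}._domainkey.{tags['d']}".lower()


def published_name(host_field, zone):
    """Name that results when the panel appends the zone to the Host field.

    Assumption: the panel always treats Host as relative to the zone and
    uses '@' (or an empty field) for the zone apex.
    """
    host = host_field.strip().rstrip(".").lower()
    zone = zone.strip().rstrip(".").lower()
    return zone if host in ("", "@") else f"{host}.{zone}"


def check_host_field(signature, host_field, zone):
    """Compare where the key was published with where verifiers will look."""
    expected = dkim_query_name(signature)
    published = published_name(host_field, zone)
    suffix = "." + zone.strip().rstrip(".").lower()
    # Host value that yields the expected name once the zone is appended.
    relative = expected[:-len(suffix)] if expected.endswith(suffix) else None
    return {"expected": expected, "published": published,
            "match": expected == published, "host_to_enter": relative}


if __name__ == "__main__":
    for host in ("dkim._domainkey.linnabary.us", "dkim._domainkey"):
        print(host, "->", check_host_field(SIGNATURE, host, "linnabary.us"))
```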

Mule SMTP transport on EC2

A Mule flow I have deployed to EC2 cannot send emails to a nodejs "simplesmtp" server running on another EC2 instance. Here are the authentication details for the SMTP server
user: joseph
pass: josephk
port: 2525 (open in security group)
I can send emails to this SMTP server using various clients on other hosts, here's the auth part of a nodejs client:
var smtpTransport = nodemailer.createTransport("SMTP", {
    host: 'ec2-54-211-220-210.compute-1.amazonaws.com',
    secureConnection: false,
    port: 2525,
    auth: {
        user: "joseph",
        pass: "joseph12"
    }
});
My Mule SMTP endpoint looks like this
<smtp:outbound-endpoint
    host="ec2-54-211-220-210.compute-1.amazonaws.com"
    port="2525"
    user="joseph"
    password="joseph12"
    to="cleardot#aol.com"
    from="joseph#ec2-54-211-220-210.compute-1.amazonaws.com"
    subject="Email from Mule ESB"
    doc:name="send notification"
/>
My log error is (I hate dumping log files on here but in this case have to)
INFO 2014-11-02 12:03:08,734 [[q2].connector.smtp.mule.default.dispatcher.01] org.mule.lifecycle.AbstractLifecycleManager: Starting: 'connector.smtp.mule.default.dispatcher.1535039248'. Object is: SmtpMessageDispatcher
ERROR 2014-11-02 12:03:08,815 [[q2].connector.smtp.mule.default.dispatcher.01] org.mule.exception.DefaultMessagingExceptionStrategy:
********************************************************************************
Message : Failed to route event via endpoint: DefaultOutboundEndpoint{endpointUri=smtp://joseph:<password>#ec2-54-211-220-210.compute- 1.amazonaws.com, connector=SmtpConnector
{
name=connector.smtp.mule.default
lifecycle=start
this=54d8fd1a
numberOfConcurrentTransactedReceivers=4
createMultipleTransactedReceivers=true
connected=true
supportedProtocols=[smtp]
serviceOverrides=<none>
, name='endpoint.smtp.joseph.compute.1.amazonaws.com.2525', mep=ONE_WAY, properties={toAddresses=cleardot#aol.com, subject=Email from Mule ESB, fromAddress=joseph#ec2-54-211-220-210.compute-1.amazonaws.com}, transactionConfig=Transaction{factory=null, action=INDIFFERENT, timeout=0}, deleteUnacceptedMessages=false, initialState=started, responseTimeout=10000, endpointEncoding=UTF-8, disableTransportTransformer=false}. Message payload is of type: MimeMessage
Code : MULE_ERROR--2
--------------------------------------------------------------------------------
Exception stack is:
1. 530 5.5.1 Authentication Required
(com.sun.mail.smtp.SMTPSendFailedException)
com.sun.mail.smtp.SMTPTransport:1829 (null)
2. Failed to route event via endpoint: DefaultOutboundEndpoint{endpointUri=smtp://joseph:<password>#ec2-54-211-220-210.compute-1.amazonaws.com, connector=SmtpConnector
{
name=connector.smtp.mule.default
lifecycle=start
this=54d8fd1a
numberOfConcurrentTransactedReceivers=4
createMultipleTransactedReceivers=true
connected=true
supportedProtocols=[smtp]
serviceOverrides=<none>
}
, name='endpoint.smtp.joseph.compute.1.amazonaws.com.2525', mep=ONE_WAY, properties={toAddresses=cleardot#aol.com, subject=Email from Mule ESB, fromAddress=joseph#ec2-54-211-220-210.compute-1.amazonaws.com}, transactionConfig=Transaction{factory=null, action=INDIFFERENT, timeout=0}, deleteUnacceptedMessages=false, initialState=started, responseTimeout=10000, endpointEncoding=UTF-8, disableTransportTransformer=false}. Message payload is of type: MimeMessage (org.mule.api.transport.DispatchException)
org.mule.transport.AbstractMessageDispatcher:117 (http://www.mulesoft.org/docs/site/current3/apidocs/org/mule/api/transport/DispatchException.html)
--------------------------------------------------------------------------------
Root Exception stack trace:
com.sun.mail.smtp.SMTPSendFailedException: 530 5.5.1 Authentication Required
at com.sun.mail.smtp.SMTPTransport.issueSendCommand(SMTPTransport.java:1829)
at com.sun.mail.smtp.SMTPTransport.mailFrom(SMTPTransport.java:1368)
at com.sun.mail.smtp.SMTPTransport.sendMessage(SMTPTransport.java:886)
+ 3 more (set debug level logging or '-Dmule.verbose.exceptions=true' for everything)
********************************************************************************
INFO 2014-11-02 12:03:09,697 [[q2].processArcMessage.stage1.02] org.mule.api.processor.LoggerMessageProcessor: send alert [B#3c32fb80
ERROR 2014-11-02 12:03:09,706 [[q2].connector.smtp.mule.default.dispatcher.01] org.mule.exception.DefaultMessagingExceptionStrategy:
Other comments:
I tried using joseph#ec2-54-211-220-210.compute-1.amazonaws.com as the user param with no luck.
Am wondering if Mule SMTP requires that I use a standard port, or if I must use smtps, not smtp.
My SMTP server logs attempts at authentication but sees nothing coming from Mule
Any help appreciated on this and the general issue of sending email from Mule on EC2
Clearly Mule can connect to your server because its response is visible in the logs:
530 5.5.1 Authentication Required
While your server was open to the web (see my comment above), I've noticed that it issued a 250 STARTTLS so I'm thinking that you should probably use the SMTPS transport for Mule, instead of the SMTP one in order to have proper support for TLS.

BOSH implementation on ejabberd

I tried to start BOSH on ejabberd. My ejabberd.cfg snippet is below:
{5280, ejabberd_http, [
    {request_handlers, [
        {["xmpp-httpbind"], mod_http_bind}
    ]},
    captcha,
    http_bind,
    http_poll,
    web_admin
]}
http://localhost:5280/http-bind fails to open any page.
And my client is getting this response from the server
Sent XML:
<iq to='localhost' id='uid:50502b03:00004823' type='get' xmlns='jabber:client'><query xmlns='jabber:iq:auth'><username>anurag</username></query></iq>
Received XML:
<iq xmlns='jabber:client' from='localhost' id='uid:505029df:00004823' type='error'><error code='503' type='cancel'><service-unavailable xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'/></error></iq>
Sent XML: </stream:stream>
auth failed. reason: 0
ce: 18
I am using gloox library to create a client.
Did you add {mod_http_bind, []} to your modules section?