cancel
Showing results for 
Search instead for 
Did you mean: 

Can't access sites hosted on AWS

smcg
Dabbler
Posts: 10
Registered: 06-06-2015

Can't access sites hosted on AWS

Using my Plusnet-provided Sagemcom 2407n router and ADSL, I'm unable to connect to sites hosted on Amazon Web Services.
Here are two examples, which I need to access for work.
Slack:
$ curl -vvv https://slack.com
* Adding handle: conn: 0x7fa219804400
* Adding handle: send: 0
* Adding handle: recv: 0
* Curl_addHandleToPipeline: length: 1
* - Conn 0 (0x7fa219804400) send_pipe: 1, recv_pipe: 0
* About to connect() to slack.com port 443 (#0)
*  Trying 54.236.247.54...
* Connected to slack.com (54.236.247.54) port 443 (#0)
* Server aborted the SSL handshake
* Closing connection 0
curl: (35) Server aborted the SSL handshake

RightScale:
$ curl -vvv https://my.rightscale.com
* Adding handle: conn: 0x7fde4a804400
* Adding handle: send: 0
* Adding handle: recv: 0
* Curl_addHandleToPipeline: length: 1
* - Conn 0 (0x7fde4a804400) send_pipe: 1, recv_pipe: 0
* About to connect() to my.rightscale.com port 443 (#0)
*  Trying 54.225.248.151...
* Connected to my.rightscale.com (54.225.248.151) port 443 (#0)
* Server aborted the SSL handshake
* Closing connection 0
curl: (35) Server aborted the SSL handshake

I can access both of these sites if I open a SOCKS proxy to a machine I have access to in the US (which isn't part of AWS), but that's not a great solution. In case it helps, here's the curl command for RightScale run directly from that machine.
$ curl -vvv https://my.rightscale.com ; echo
* Rebuilt URL to: https://my.rightscale.com/
* Hostname was NOT found in DNS cache
*  Trying 54.225.248.151...
* Connected to my.rightscale.com (54.225.248.151) port 443 (#0)
* successfully set certificate verify locations:
*  CAfile: none
  CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server key exchange (12):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using ECDHE-RSA-AES256-GCM-SHA384
* Server certificate:
* subject: OU=Domain Control Validated; CN=*.rightscale.com
* start date: 2015-05-14 21:01:39 GMT
* expire date: 2017-05-24 03:00:48 GMT
* subjectAltName: my.rightscale.com matched
* issuer: C=US; ST=Arizona; L=Scottsdale; O=GoDaddy.com, Inc.; OU=http://certs.godaddy.com/repository/; CN=Go Daddy Secure Certificate Authority - G2
* SSL certificate verify ok.
> GET / HTTP/1.1
> User-Agent: curl/7.35.0
> Host: my.rightscale.com
> Accept: */*
>
< HTTP/1.1 302 Found
< Date: Sat, 06 Jun 2015 17:03:12 GMT
< Content-Type: text/html; charset=utf-8
< Transfer-Encoding: chunked
< Connection: keep-alive
< Status: 302 Found
< Expires: Mon, 26 Jul 1997 05:00:00 GMT
< Cache-Control: no-cache
< Location: https://my.rightscale.com/session/new
< X-Frame-Options: SAMEORIGIN
< Set-Cookie: rs_gbl=WzMsImVhMWU5MTZlLTBjNmQtMTFlNS1iZmFiLTIyMDAwYjgyMDQyNCIsInVzLTMiLDE0MzM2MTAxOTIsMTQzMzYxNzM5Mix7fSx7fV0AH1j2rauOOgT2pt3AElkWdn0PkFacLr2Bjmhe5guc_4bwTTj_W39mQ1LoQfSbo5wKMEKNCgXSXNNcUv_fIjQMuMebfPEEY-fc_GdpJdPHE9Ig5YVnj0JAT0iyBjSn6tvnkPuPaZlVeBlc9efsC05ad1uznNAbjEtN1ffAzlxYicY%3D; domain=.rightscale.com; path=/; HttpOnly
< Strict-Transport-Security: max-age=31536000; includeSubdomains;
<
* Connection #0 to host my.rightscale.com left intact
<html><body>You are being <a href="https://my.rightscale.com/session/new">redirected</a>.</body></html>

I can access these sites when not using my home broadband, so I am confident the problem is not my laptop. (I also can't access Slack on my phone when using the ADSL, but I can when using 3G.) I don't currently have another router, but I am planning on buying a TP-LINK Archer C7 as the Plusnet router doesn't have some features I need. As that is a pure router, without a modem, I won't be able to test until I have fibre installed on Friday 12 June.
Is there anything I can do to help diagnose this? If the problem is with the router, that's not a problem, but I don't know how I can determine that in the mean time without another ADSL modem + router combination, which I don't want to buy because I won't need it ...
9 REPLIES
smcg
Dabbler
Posts: 10
Registered: 06-06-2015

Re: Can't access sites hosted on AWS

I tried to submit the above as the text of a fault report, but got the below message, which is why I'm posting here.
Quote
Broadband Troubleshooter - Error
There's been a problem
Please try using the Broadband Troubleshooter again in a short while. If you continue to have problems please contact our Support Team for help.
Moderator
Moderator
Posts: 18,528
Thanks: 1,821
Fixes: 225
Registered: 11-01-2008

Re: Can't access sites hosted on AWS

it's working OK on my PN connection, though I'm not using the Sagem.

Customer / Moderator / If it helped click the thumb / If it fixed it click 'This fixed my problem'

smcg
Dabbler
Posts: 10
Registered: 06-06-2015

Re: Can't access sites hosted on AWS

Should add that I reset the router to factory settings, then switched from Fibre to ADSL (long story) and entered my details - no dice.
dvorak - thanks, that's good that it's not a PN-wide issue. That gives me some confidence: if it's the router, I'll be replacing that anyway. If it's something with my ADSL connection, fine, I won't have that for long either.
Community Veteran
Posts: 5,111
Thanks: 465
Fixes: 17
Registered: 10-06-2010

Re: Can't access sites hosted on AWS

Perhaps this is another instance of this which was described as an "incorrect MTU". I don't know if disabling the TR-069 auto setup or setting your computer's MTU to some lower value might workaround the problem.
smcg
Dabbler
Posts: 10
Registered: 06-06-2015

Re: Can't access sites hosted on AWS

That fixed it! Thanks ejs, I'd missed that I could do that myself. (If anyone else comes across this, I set the MTU on my laptop to 1458.)
Mods - feel free to merge this with the other thread.
Plusnet - any chance this can be fixed at the router level, rather than me doing this for all my devices?
ChrissyR
Dabbler
Posts: 22
Registered: 06-06-2015

Re: Can't access sites hosted on AWS

I am having similar issues with the same router.  Can you explain what you did to your laptop please (in non tech language  Smiley) or do you need to have a good knowledge of these things.  Its driving me mad not being able to get on a lot of sites.  Thank you
Moderator
Moderator
Posts: 18,528
Thanks: 1,821
Fixes: 225
Registered: 11-01-2008

Re: Can't access sites hosted on AWS

try this https://support.zen.co.uk/kb/Knowledgebase/Changing-the-MTU-size-in-Windows-Vista-7-or-8 Smiley

Customer / Moderator / If it helped click the thumb / If it fixed it click 'This fixed my problem'

ChrissyR
Dabbler
Posts: 22
Registered: 06-06-2015

Re: Can't access sites hosted on AWS

Thank you (I think  Shocked)  Hope its not as complicated as it looks.
Superuser
Superuser
Posts: 11,916
Thanks: 3,286
Fixes: 22
Registered: 22-08-2007

Re: Can't access sites hosted on AWS