MeshCentral login fails with error message "Unable to perform authentication, click to reconnect." when using a dual stack setup (IPv4+IPv6)
Environment
I'm running MeshCentral v0.6.24 behind Nginx v1.19.2 on Debian 10 using NodeJS v12.18.3.
Problem description
I've been using MeshCentral on an IPv4-only server for a little over a year and only switched to a dual stack set up (IPv4+IPv6) a few days ago. Since enabling IPv6 on the server, attempts to log into MeshCentral fail with the error message "Unable to perform authentication, click to reconnect." The only output in the browser console is noauth-2 in meshcentral.js on line 50.
Solutions I've tried
- Changing
"tlsOffload": trueinconfig.jsonto"tlsOffload": [ "127.0.0.1", "::1" ]and/or - Changing
"trustedProxy": "127.0.0.1"inconfig.jsonto"trustedProxy": [ "127.0.0.1", "::1" ]
While making those changes does allow the login to succeed very sporadically, as soon as I connect to an agent, the noauth-2 message pops up in the browser console again and refreshing the page leads to the "Unable to perform authentication, click to reconnect." error message.
Screenshots
MeshCentral config
Spoiler
{
"$schema": "http://info.meshcentral.com/downloads/meshcentral-config-schema.json",
"settings": {
"agentWsCompression": true,
"aliasPort": 443,
"allowFraming": true,
"allowLoginToken": true,
"cert": "mesh.datahoarder.dev",
"dbRecordsEncryptKey": "<redacted>",
"manageCrossDomain": [ "user//admin" ],
"mongoDb": "<redacted>",
"mongoDbCol": "meshcentral",
"mpsPort": 8443,
"port": 7450,
"redirPort": 7449,
"sessionKey": "<redacted>",
"sessionTime": 60,
"tlsOffload": [ "127.0.0.1", "::1" ],
"trustedProxy": [ "127.0.0.1", "::1" ],
"webRTC": true,
"wsCompression": true
},
"smtp": {
"host": "mail.datahoarder.dev",
"port": 465,
"from": "[email protected]",
"user": "<redacted>",
"pass": "<redacted>",
"tls": true
},
"domains": {
"": {
"agentInviteCodes": true,
"certUrl": "datahoarder.dev:443",
"minify": true,
"newAccounts": true,
"title": "Project Data Hoarder",
"title1": "Project Data Hoarder",
"title2": "",
"titlePicture": ""
}
}
}
Nginx config
Spoiler
server {
listen 88.86.115.98:80;
listen [2a01:28:ca:246::1]:80;
server_name mesh.datahoarder.dev;
return 301 https://mesh.datahoarder.dev$request_uri;
}
server {
listen 88.86.115.98:443 ssl http2;
listen [2a01:28:ca:246::1]:443 ssl http2;
server_name mesh.datahoarder.dev;
ssl_certificate /etc/sssl/certificates/datahoarder.dev.crt;
ssl_certificate_key /etc/ssl/certificates/datahoarder.dev.key;
location / {
proxy_pass http://127.0.0.1:7450;
proxy_send_timeout 300s;
proxy_read_timeout 300s;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port $server_port;
proxy_buffering off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
}
}
bug
whalehub
All 6 comments
Does running:
node node_modules/meshcentral --debug cookie,web,webrequest
Give you any more debug info? You should see the incoming requests realtime.
drnikcuk
on 1 Sep 2020
@drnikcuk Thanks for the pointer, it does indeed. Here's the output from running MeshCentral with those flags and logging into the admin account. The redacted IPv4 and IPv6 address belong to the computer on which I tried to log into MeshCentral.
From what I can tell, the initial web requests are intitiated from the IPv4 address so MeshCentral encodes the cookie for that IP address. But then for some reason, the authenticated web socket request after logging in is made over IPv6 which is rejected by MeshCentral because the IPv6 address naturally doesn't match the IPv4 address of the encoded cookie.
Spoiler
Sep 01 20:02:33 pdh systemd[1]: Started MeshCentral.
Sep 01 20:02:35 pdh node[22385]: MeshCentral HTTP redirection server running on port 7449.
Sep 01 20:02:35 pdh node[22385]: MeshCentral v0.6.24, Hybrid (LAN + WAN) mode, Production mode.
Sep 01 20:02:35 pdh node[22385]: Loaded web certificate from "https://datahoarder.dev:443", host: "mesh.datahoarder.dev"
Sep 01 20:02:35 pdh node[22385]: SHA384 cert hash: 297ca84149fb8fb9a67147a7eb69a7002b38dfc647cf9baf4831d901d83cff82ac192f25f98dd42732afc73efa143639
Sep 01 20:02:35 pdh node[22385]: MeshCentral Intel(R) AMT server running on mesh.datahoarder.dev:8443.
Sep 01 20:02:35 pdh node[22385]: MeshCentral HTTP server running on port 7450, alias port 443.
Sep 01 20:02:36 pdh node[22385]: SMTP mail server mail.datahoarder.dev working as expected.
Sep 01 20:03:10 pdh node[22385]: WEB: handleRootRequestLogin()
Sep 01 20:03:14 pdh node[22385]: WEBREQUEST: (<redacted ipv4>) /
Sep 01 20:03:14 pdh node[22385]: WEB: handleRootPostRequest, action: tokenlogin
Sep 01 20:03:14 pdh node[22385]: WEB: checkUserOneTimePassword()
Sep 01 20:03:14 pdh node[22385]: WEB: checkUserOneTimePassword: success (authenticator).
Sep 01 20:03:14 pdh node[22385]: maxCookieAge 30
Sep 01 20:03:14 pdh node[22385]: COOKIE: Encoded AESGCM cookie: {"userid":"user//admin","expire":43200,"time":1598983394}
Sep 01 20:03:14 pdh node[22385]: WEB: handleLoginRequest: successful 2FA login
Sep 01 20:03:14 pdh node[22385]: WEB: handleLoginRequest: login ok (2)
Sep 01 20:03:14 pdh node[22385]: COOKIE: Encoded AESGCM cookie: {"userid":"user//admin","domainid":"","ip":"<redacted ipv4>","time":1598983394}
Sep 01 20:03:14 pdh node[22385]: COOKIE: Encoded AESGCM cookie: {"ruserid":"user//admin","domainid":"","time":1598983394}
Sep 01 20:03:14 pdh node[22385]: WEB: handleRootRequestEx: success.
Sep 01 20:03:14 pdh node[22385]: WEBREQUEST: (<redacted ipv4>) /serverpic.ashx
Sep 01 20:03:14 pdh node[22385]: WEBREQUEST: (<redacted ipv4>) /commander.htm
Sep 01 20:03:14 pdh node[22385]: WEBREQUEST: (<redacted ipv4>) /scriptblocks.txt
Sep 01 20:03:15 pdh node[22385]: WEBREQUEST: (<redacted ipv6>) /control.ashx/.websocket?auth=<redacted>
Sep 01 20:03:15 pdh node[22385]: COOKIE: Decoded AESGCM cookie: {"userid":"user//admin","domainid":"","ip":"<redacted ipv4>","time":1598983394000,"dtime":1059}
Sep 01 20:03:15 pdh node[22385]: WEB: ERR: Invalid cookie IP address, got "<redacted ipv4>", expected "<redacted ipv6>".
Sep 01 20:03:15 pdh node[22385]: WEB: ERR: Websocket bad cookie auth (Cookie:false): <redacted>
Edit: After looking through the issues, I thought it may be related to #872 or #1315, but adding "CookieEncoding": "hex" to my config.json just results in the same error message about the IP mismatch in the encoded cookie.
Edit: Adding "CookieIpCheck": false to my config.json file allows me to log in and use MeshCentral normally, though this feels like kind of a bandaid fix.
whalehub
on 1 Sep 2020
👍1
Outstanding report and debugging. I was just about to ask if "cookieipcheck": false would fix the problem. Seems it does.
From your notes, the HTTPS requests are coming in on IPv4, but WebSocket is coming in on IPv6. This would cause the problem as the cookie is generated after a HTTPS request, but then used by the WebSocket coming in on IPv6.
I have to go do some testing.
Ylianst
on 1 Sep 2020
👍1
Ok, I installed Nginx v1.19.2 on Windows and used an NGINX config that was as close to what you have as i could make it.
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server {
listen 127.0.0.1:80;
listen [::1]:80;
server_name central.mesh.meshcentral.com;
return 301 https://central.mesh.meshcentral.com$request_uri;
}
server {
listen 127.0.0.1:443 ssl http2;
listen [::1]:443 ssl http2;
server_name central.mesh.meshcentral.com;
ssl_certificate test-dsa-public.crt;
ssl_certificate_key test-dsa-private.key;
location / {
proxy_pass http://[::1]:4430/;
#proxy_pass http://127.0.0.1:7450;
proxy_send_timeout 300s;
proxy_read_timeout 300s;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port $server_port;
proxy_buffering off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
}
}
}
I then did various tests on ::1 and 127.0.0.1. I need to get HTTPS requests to show up on IPv4 but the websocket request to be on IPv6 and I can't seem to make this happen. In the screen below, you see all the requests coming from the same IP address. The "control.ashx/.websocket" line should be different.
So, I am stumped. It would be interesting to see the NGINX logs. So the browser use IPv4 for HTTPS and IPv6 for websocket? or are they coming in on the same interface by NGINX is doing something different with them. My guess in the second option, but we need the NGINX logs.
Ylianst
on 4 Sep 2020
@Ylianst Here's the full output from the Nginx logs:
Logging into MeshCentral
Spoiler
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:23 +0200] "GET / HTTP/2.0" 200 9276 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:23 +0200] "GET /favicon.ico HTTP/2.0" 200 1986 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:23 +0200] "GET /scripts/common-0.0.1-min.js HTTP/2.0" 200 1487 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:23 +0200] "GET /scripts/u2f-api-min.js HTTP/2.0" 200 2091 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:23 +0200] "GET /styles/style.css HTTP/2.0" 200 9832 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:24 +0200] "GET /welcome.png HTTP/2.0" 200 275664 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:24 +0200] "GET /images/login/twitter32.png HTTP/2.0" 200 844 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:24 +0200] "GET /images/login/google32.png HTTP/2.0" 200 741 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:24 +0200] "GET /images/login/azure32.png HTTP/2.0" 200 302 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:24 +0200] "GET /images/login/jumpcloud32.png HTTP/2.0" 200 956 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:24 +0200] "GET /images/login/github32.png HTTP/2.0" 200 1148 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:24 +0200] "GET /images/login/2fa-key-48.png HTTP/2.0" 200 3110 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:24 +0200] "GET /images/login/2fa-sms-48.png HTTP/2.0" 200 1965 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:24 +0200] "GET /images/login/intel32.png HTTP/2.0" 200 1039 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:24 +0200] "GET /images/login/2fa-mail-48.png HTTP/2.0" 200 2107 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:24 +0200] "GET /images/login/reddit32.png HTTP/2.0" 200 1572 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:24 +0200] "GET /images/login/generic32.png HTTP/2.0" 200 759 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:24 +0200] "GET /loginlogo.png HTTP/2.0" 200 9721 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:29 +0200] "POST / HTTP/2.0" 200 125608 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:29 +0200] "GET /styles/ol.css HTTP/2.0" 200 1315 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:29 +0200] "GET /scripts/zlib-min.js HTTP/2.0" 200 879 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:29 +0200] "GET /styles/xterm.css HTTP/2.0" 200 1769 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:29 +0200] "GET /scripts/meshcentral-min.js HTTP/2.0" 200 618 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:29 +0200] "GET /scripts/amt-desktop-0.0.2-min.js HTTP/2.0" 200 4745 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:29 +0200] "GET /scripts/amt-terminal-0.0.2-min.js HTTP/2.0" 200 3656 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:29 +0200] "GET /styles/ol3-contextmenu.min.css HTTP/2.0" 200 2460 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:29 +0200] "GET /scripts/zlib-adler32-min.js HTTP/2.0" 200 489 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:29 +0200] "GET /scripts/zlib-crc32-min.js HTTP/2.0" 200 1987 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:29 +0200] "GET /scripts/amt-wsman-ws-0.2.0-min.js HTTP/2.0" 200 2192 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:29 +0200] "GET /scripts/agent-redir-ws-0.1.1-min.js HTTP/2.0" 200 2204 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:29 +0200] "GET /scripts/agent-redir-rtc-0.1.0-min.js HTTP/2.0" 200 757 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:29 +0200] "GET /scripts/amt-0.2.0-min.js HTTP/2.0" 200 10967 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:29 +0200] "GET /scripts/agent-desktop-0.0.2-min.js HTTP/2.0" 200 5792 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:29 +0200] "GET /scripts/xterm-addon-fit-min.js HTTP/2.0" 200 898 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:29 +0200] "GET /scripts/zlib-inflate-min.js HTTP/2.0" 200 6603 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:29 +0200] "GET /scripts/filesaver.min.js HTTP/2.0" 200 1230 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:29 +0200] "GET /scripts/qrcode.min.js HTTP/2.0" 200 7007 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:29 +0200] "GET /scripts/ol3-contextmenu-min.js HTTP/2.0" 200 3532 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:29 +0200] "GET /scripts/amt-wsman-0.2.0-min.js HTTP/2.0" 200 2494 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:29 +0200] "GET /scripts/amt-redir-ws-0.1.0-min.js HTTP/2.0" 200 2038 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:29 +0200] "GET /scripts/charts-min.js HTTP/2.0" 200 63450 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:29 +0200] "GET /scripts/xterm-min.js HTTP/2.0" 200 60942 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:29 +0200] "GET /scripts/ol-min.js HTTP/2.0" 200 147010 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:29 +0200] "GET /images/link4.png HTTP/2.0" 200 131 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:29 +0200] "GET /images/link6.png HTTP/2.0" 200 198 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:29 +0200] "GET /serverpic.ashx HTTP/2.0" 200 71416 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:29 +0200] "GET /images/icon-star-notify-16.png HTTP/2.0" 200 542 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:29 +0200] "GET /images/icon-relay-notify.png HTTP/2.0" 200 384 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:29 +0200] "GET /images/icon-notify.png HTTP/2.0" 200 497 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:29 +0200] "GET /images/icon-chat.png HTTP/2.0" 200 578 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:29 +0200] "GET /images/icon-url2.png HTTP/2.0" 200 605 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:29 +0200] "GET /images/icon-background.png HTTP/2.0" 200 305 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:29 +0200] "GET /images/icon-camera.png HTTP/2.0" 200 584 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:29 +0200] "GET /images/icon-film.png HTTP/2.0" 200 325 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:29 +0200] "GET /images/icon-clipboard-in.png HTTP/2.0" 200 409 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:29 +0200] "GET /images/icon-clipboard-out.png HTTP/2.0" 200 415 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:29 +0200] "GET /images/webp/mesh-256.webp HTTP/2.0" 200 22088 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:29 +0200] "GET /images/webp/user-256.webp HTTP/2.0" 200 4812 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:29 +0200] "GET /images/webp/group-256.webp HTTP/2.0" 200 7964 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:29 +0200] "GET /sounds/chimes.mp3 HTTP/2.0" 206 8832 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:29 +0200] "GET /commander.htm HTTP/2.0" 200 191377 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:30 +0200] "GET /scriptblocks.txt HTTP/2.0" 200 10300 "https://mesh.datahoarder.dev/commander.htm" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:30 +0200] "GET /logo.png HTTP/2.0" 200 21683 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:30 +0200] "GET /images/leftbar-64.png HTTP/2.0" 200 45169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:31 +0200] "GET /images/views.png HTTP/2.0" 200 2842 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:31 +0200] "GET /images/c2.png HTTP/2.0" 200 230 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:31 +0200] "GET /images/key12.png HTTP/2.0" 200 371 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:31 +0200] "GET /images/icons50.png HTTP/2.0" 200 31507 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:33 +0200] "GET /images/icon-addnew.png HTTP/2.0" 200 185 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:33 +0200] "GET /images/meshicon50.png HTTP/2.0" 200 6088 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:33 +0200] "GET /images/clipboard-128.png HTTP/2.0" 200 12263 "https://mesh.datahoarder.dev/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:33 +0200] "GET /images/icons16.png HTTP/2.0" 200 4733 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:33 +0200] "GET /images/icon-relay.png HTTP/2.0" 200 367 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:33 +0200] "GET /images/images16.png HTTP/2.0" 200 6503 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:27:34 +0200] "GET /images/meshicon16.png HTTP/2.0" 200 718 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv6> - - [04/Sep/2020:21:27:42 +0200] "GET /control.ashx?auth=<redacted> HTTP/1.1" 101 7066 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
Connecting to an agent from the MeshCentral GUI
Spoiler
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:42:06 +0200] "GET /?viewmode=13&gotonode=<redacted> HTTP/2.0" 200 125601 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:42:06 +0200] "GET /control.ashx?auth=<redacted> HTTP/1.1" 101 23302 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:42:06 +0200] "GET /serverpic.ashx HTTP/2.0" 304 0 "https://mesh.datahoarder.dev/?viewmode=13&gotonode=<redacted>" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:42:06 +0200] "GET /commander.htm HTTP/2.0" 304 0 "https://mesh.datahoarder.dev/?viewmode=13&gotonode=<redacted>" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:42:06 +0200] "GET /scriptblocks.txt HTTP/2.0" 304 0 "https://mesh.datahoarder.dev/commander.htm" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv4> - - [04/Sep/2020:21:42:06 +0200] "GET /favicon.ico HTTP/2.0" 200 1986 "https://mesh.datahoarder.dev/?viewmode=13&gotonode=<redacted>" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 <redacted ipv6> - - [04/Sep/2020:21:42:11 +0200] "GET /meshrelay.ashx?browser=1&p=5&nodeid=node//<redacted>&id=<redacted>&auth=<redacted> HTTP/1.1" 101 361 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36"
mesh.datahoarder.dev:443 2a01:28:ca:246::2 - - [04/Sep/2020:21:42:11 +0200] "GET /meshrelay.ashx?p=5&nodeid=node//<redacted>&id=<redacted>&rauth=<redacted> HTTP/1.1" 101 86 "-" "-"
The unredacted IPv6 address is the static IPv6 of the agent machine. It looks like only requests made to /control.ashx and /meshrelay.ashx are done over IPv6, everything else is requested over IPv4.
whalehub
on 4 Sep 2020
@Ylianst It turns out that the cause of this issue was a peculiarity with the IPv6 implementation in my router (FRITZ!Box 6490). It has a so-called "stealth mode" setting, which, when enabled, makes the router drop packets that are responsible for enabling native IPv6 connectivity and makes it use 6to4 instead. More importantly, with this setting enabled, browsers were unable to do proper IPv6 to IPv4 fallback when required, which resulted in the issue I reported here.
After disabling the "stealth mode" setting in my router, I can get native IPv6 connectivity, IPv6 to IPv4 fallback works and as a result, I'm no longer able to reproduce this issue with cookieIpCheck set to true.
whalehub
on 15 Oct 2020
Was this page helpful?
0 / 5 - 0 ratings
Related issues
unguzov
路
3Comments
petervanv
路
3Comments
Julien-asv
路
3Comments
whalehub
路
3Comments
vish84
路
3Comments