Company firewall/proxy issue.... play/download features fail

Need help? Post your questions here.

Moderator: moderators

Company firewall/proxy issue.... play/download features fail

Postby supra92 » Mon Jan 25, 2010 10:24 pm

All,

Longtime SS user (6+ yrs), and am now running into issues with playback whilst at my company (which blocks most everything except 80 and 8080).

Setup:
-- ScientificLinux5.2, Subsonic v3.8
-- Correct portforwarding on Belkin N+ router (recently replaced D-Link DI-612)
-- *Running on port 80*, as I have Apache handling all requests on 80 (even for Tomcat), and passing Tomcat requests to Tomcat running on 8080, via mod_jk

So here's the deal. Subsonic works EVERYWHERE -- it works in my house on the local LAN, and it works for lots of other people on the outside who go to my domain name (http://www.[blahblah].com/subsonic/index.view)

Now.. Subsonic DOES come up here in my office as well. Main screen loads fine, lefthand artists load fine, album art loads fine. But two things fail:

1. Cannot play a song -- streaming does not work. It claims it's playing the song in the Now Playing section on the right, but the Flash player at the bottom stays stuck on 0:00 and nothing happens.

2. Cannot download anything -- it tries to download, but ultimately times out.


Thing is... this setup HAS worked for a long time, but has not worked since I returned from Christmas/NewYear's vacation here at the office. I get the feeling my company has modified its firewall somehow, and now the Play and Download aspects of SS are failing. Are there ANY other ports that Subsonic uses besides the main one that one chooses in configuration (default of 8080, but i'm using 80)??? The fact that this works A-OK in my house, and for seemingly all of my friends out on the internet, is befuddling --- especially since SS comes up just fine here at my office too (except for the Play and Download aspects).

Any insight would really greatly be appreciated --- I seriously need my music whilst working!

Cheers to all,
Supra92
Last edited by supra92 on Mon Feb 01, 2010 1:06 am, edited 1 time in total.
User avatar
supra92
 
Posts: 135
Joined: Sun Nov 19, 2006 12:17 am
Location: Central Texas

Postby supra92 » Thu Jan 28, 2010 1:20 am

Anyone here have this issue before? I am looking at my Belkin N+ router as a potential culprit -- I can't recall exactly when I put it in place, but it would've been right around the same time as the SS failures to stream/download. Problem was, I wasn't in the office for much of Nov/Dec, so I hadn't tried to use it from there. It was only in January after I got back that fellow coworkers noted they couldn't play anything anymore.

Doublechecked the Belkin, and I've enabled/forwarded both 80 and 8080 to the SL52 server. Anything else I should be looking for? Should I nix the idea of running this via Tomcat and go back to the standalone Jetty version? I know this did work with Tomcat when i first migrated from Jetty->Tomcat...

Supra92
User avatar
supra92
 
Posts: 135
Joined: Sun Nov 19, 2006 12:17 am
Location: Central Texas

Postby milkman001 » Thu Jan 28, 2010 9:47 pm

Well Belkin routers are pretty terrible so it might be that.

Have you thought about trying another port? Try 443. I've worked at Schools, Companies, and Gov. agencies and I've never seen 443 blocked.
milkman001
 
Posts: 3
Joined: Wed Jan 13, 2010 1:03 am

Postby supra92 » Fri Jan 29, 2010 7:39 am

The company definitely allows 80, 8080, and 443, as I can easily pull any of those sites up. SSH over port 443 can be useful in companies that block that service's typical port 22. 80 should, in theory, be the only port required since I've configured apache with mod_jk to handle all tomcat requests -- and indeed, SS comes up fine at http://www.[blahblah].com/subsonic/index.view (ie, without the :8080 part).

I am going to swap out the Belkin tomorrow morning and put the D-Link back in place and head into the office to see if that resolves things. I wasn't aware the Belkins were poor in that regard -- this N+ came to me pretty cheaply and my laptop has an N-capable wireless card in it, so I didn't think much about swapping out the D-Link.

Will keep you posted tomorrow!...

Supra92
User avatar
supra92
 
Posts: 135
Joined: Sun Nov 19, 2006 12:17 am
Location: Central Texas

Postby supra92 » Mon Feb 01, 2010 1:12 am

Whelp, no dice --- I swapped out the Belkin N+ for the D-Link, and get the same results: everything in Subsonic works everywhere inside and outside the LAN, EXCEPT from my inside my company where only the Play and Download features fail.

So now I'm left wondering whether it's the Apache mod_jk thing I did late last year. As I understand it, Apache takes ALL requests on port 80, and if something (like Subsonic) is destined for tomcat running internally on 8080, it uses port 5009 to pass the requests from 80 over to tomcat on 8080.

Am wondering if perhaps the Play/Download features for some reason either can't traverse that port 5009 communication line between Apache mod_jk and Tomcat, the way the rest of Subsonic's pages do.

I'm suspecting that if I rolled back that setup, opened up port 8080, and had Tomcat field its own requests directly on 8080 (the way most non-Jetty users here do), that things would work again. BUT... if I do that, then anyone for whom port 8080 is blocked can't use Subsonic :-( I really like having the URL for Subsonic be a standard web URL (ie, using port 80).

Is anyone here sufficiently familiar with mod_jk to assist in figuring out why the Play and Download features don't work with this setup?

Supra92

EDIT: But then, if that were true, it wouldn't work ANYWHERE from the outside world! But it does work most everywhere on the outside, except from inside my company. Grrrrr... no clue what's going on.
User avatar
supra92
 
Posts: 135
Joined: Sun Nov 19, 2006 12:17 am
Location: Central Texas

Could certain networks be the issue?

Postby librainian » Sun Feb 14, 2010 8:05 am

I don't know if its a local issue or not. I've run into the same thing at my office and I have full control of the firewall and DNS (openDNS)

I get the login screen immediately, then the left panel displays the artist index, but the other panes take up to a minute to eventually load and you cannot stream. I got the same result from multiple computers using IE, Firefox, and Opera. I even put the computer in the DMZ to bypass the firewall completely with no effect.

I also tried SubAir application with the same behavior.

I got the same result from a friends house from his netbook, his desktop with Win7 and from my laptop over his wifi which works great over my local LAN.

several others can access it just fine from their house and they report the speed is good for streaming, upload and download.

Why would some internet connections work great and others not?
librainian
 
Posts: 23
Joined: Sat Feb 06, 2010 6:45 pm
Location: Portland, OR


Return to Help

Who is online

Users browsing this forum: No registered users and 21 guests