 |
reinhold.leitner@applicgate.com (C) April 2024 www.applicgate.com |
$$$$$$$$$$$$$$$$$$$$$$$$$ Establish autologon session $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ Extract of logfiles, servers are in different time zones. ========================SRV1: Start of autologon session =========================================================== 6: RtID:2 2019-02-08 20:56:55 autologon starting ... 6: Connect to 10.10.1.1 port 443 6: Connection successful 6: ConnectCallback Setup SSL as client.. 6: Server successfully authenticated, SslProtocol: Tls12 6: Sending ... GET /reverselogon?R1|X1 HTTP/1.1 User-Agent: ApplicGate/9.0.6976.37749 SRV1 Content-Length: 379 Function;RuleID;GatewayIP2;DestinationIP;DestinationPort;Expiration;Type;UID;Comment;eMail autologon;R1|X1;*;10.10.1.1;443;~;TTL:6,SSLTARGET:srv0.test.com,SSLCC:srv1@test.com.cer,RETRY:2;AUTO;autologon;bob@test.com incoming;R1;manage;*;*;*;UIDN:"Test!RSPtest";T100.1;Mgmt;bob@test.com incoming;X1;reverselogon;Y1;*;*;SSL:srv1.test.com.cer,CCR:*@test.com,CHKCC,ISS:TestCA;RV1;; =======================SRV0: Accept logon ========================================================================== 1279: New incoming TCP connection 2019-02-08 19:57:20 ; SourceIP: 10.20.1.1 SourcePort: 55751 GatewayIP: 10.10.1.1 GatewayPort: 443 1279: RtID:2 accepted 1279: Remote cert was issued to E=srv1@test.com, CN=srv1, O=Test and is valid from 1/7/2019 7:01:20 PM until 1/7/2021 7:11:20 PM 1279: Remote cert was issued by CN=TestCA, O=Test 1279: EmailName: srv1@test.com, no userPrincipalName found. 1279: Waiting for reverselogon data.. 1279: received: GET /reverselogon?R1|X1 HTTP/1.1 User-Agent: ApplicGate/9.0.6976.37749 SRV1 Content-Length: 379 Function;RuleID;GatewayIP2;DestinationIP;DestinationPort;Expiration;Type;UID;Comment;eMail autologon;R1|X1;*;10.10.1.1;443;~;TTL:6,SSLTARGET:srv0.test.com,SSLCC:srv1@test.com.cer,RETRY:2;AUTO;autologon;bob@test.com incoming;R1;manage;*;*;*;UIDN:"Test!RSPtest";T100.1;Mgmt;bob@test.com incoming;X1;reverselogon;Y1;*;*;SSL:srv1.test.com.cer,CCR:*@test.com,CHKCC,ISS:TestCA;RV1;; 1279: set TTL to 6 1279: sending... HTTP/1.1 200 Login Accepted Server: ApplicGate/9.0.6976.37749 SRV0 Content-Length: 12 Rules: R1|X1 =======================SRV0: Receive acceptance ==================================================================== 6: ReadCallbackAutologon: HTTP/1.1 200 Login Accepted Server: ApplicGate/9.0.6976.37749 SRV0 Content-Length: 12 Rules: R1|X1 $$$$$$$$$$$$$$$$$$$$$$$$$ Data Link $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ =======================SRV0: Start data link ======================================================================= 1280: New incoming TCP connection 2019-02-08 19:57:34 ; SourceIP: 10.62.22.12 SourcePort: 58776 GatewayIP: 10.10.1.2 GatewayPort: 87 1280: RtID:3 accepted 1280: Processing forward entry, DestinationIP: srv1@test.com:R1 1279: sending... Link1280+R1 SourceIP;GatewayIP;GatewayPort;logonUser;IssuerOfLogonCertificate 10.62.22.12;10.10.1.2;87;; =======================SRV1: Receive link request and start autologon session ======================================= 6: ReadCallbackAutologon: Link1280+R1 SourceIP;GatewayIP;GatewayPort;logonUser;IssuerOfLogonCertificate 10.62.22.12;10.10.1.2;87;; 6: Open new autologon session .... 7: RtID:2 2019-02-08 20:57:09 autologon starting ... 7: Connect to 10.10.1.1 port 443 7: Connection successful 7: ConnectCallback Setup SSL as client.. 7: Server successfully authenticated, SslProtocol: Tls12 7: Sending ... GET /newlink?Link1280+R1 HTTP/1.1 User-Agent: ApplicGate/9.0.6976.37749 SRV1 7: mapping to incoming entry RtID:3 7: RtID:3 accepted 7: Waiting for status request.. =======================SRV0: Receive new link and send data ======================================= 1281: New incoming TCP connection 2019-02-08 19:57:34 ; SourceIP: 10.20.1.1 SourcePort: 55752 GatewayIP: 10.10.1.1 GatewayPort: 443 1281: RtID:2 accepted 1281: Client successfully authenticated, SslProtocol: Tls12 1281: Remote cert was issued to E=srv1@test.com, CN=srv1, O=Test and is valid from 1/7/2019 7:01:20 PM until 1/7/2021 7:11:20 PM 1281: Remote cert was issued by CN=TestCA, O=Test 1281: EmailName: srv1@test.com, no userPrincipalName found. 1281: Waiting for reverselogon data.. 1281: received: GET /newlink?Link1280+R1 HTTP/1.1 User-Agent: ApplicGate/9.0.6976.37749 SRV1 1281: reverselogon StateObject removed, sessions linked to ID 1280, 2019-02-08 19:57:34 =======================SRV1: Receive data ======================================= 7: ReadCallbackSt: GET / HTTP/1.1 .............
|
reinhold.leitner@applicgate.com (C) April 2024 www.applicgate.com |