Why does Internet connectivity check act like a firewall - Google Pixel 4a Questions & Answers

I am having issues with some public WiFi pages that require a login page through a captive portal. When I attempt to connect, I get an error message, “The webpage at https://commectivitycheck.grapheneos.org/generate_2 could not be loaded because: net::ERR_CONNECTION_REFUSED”. When I change my Internet connectivity check from GrapheneOS to Standard (Google), the issue clears. I am not sure how an Internet connectivity check from GrapheneOS is acting like a firewall for me to proceed with my WiFi login.

Related

Fuze - VPN to Compnay Network - Remote Desktop Works, Intranet browsing does not

I have the AT&T Fuze with the stock ROM. I purchased it the first day it came out. I think this was 11/11/2008. I have the PDA Personal plan for unlimited data. I have things set up so that my contacts and email synch with our Exchange server. I can remote desktop from my Fuze using the data network to any machine that I can remote to from my computer, so from that, I am thinking VPN must be configured correctly. On one of these machines that I connect to, I have IIS running and put a very simple web page on it (no script, nothing IE specific). From my work computer, it loads fine. I can remote desktop from my Fuze to any machine on the network and launch IE and load it. But, I can't load it directly from my Fuze in either Opera or IE. It does initiate the VPN connection. But, then I get the error HTTP gateway timed out. I'm really not interested in viewing the page that I created. We use Perforce, which is source control system. It has a jobs portion, which we use to track bugs. There is a web interface to the jobs, which is on the intranet, not internet. I don't have rights to remote to the Perforce server, and that is why I initially tried putting a simple page on a machine that i am an admin on. I want to be able to click on a link in my email and have it load the bug in Opera. If I am home and turn on WiFi, and disable the data network, this works fine. This bypasses AT&T's machines, which makes me think there is something that AT&T is blocking. And if they are, then maybe it is the AT&T bloat this is telling them what it is. Our IT guy has verified that I am successfully VPNing in. He is seing the mycingular.net in the firewall.
My boss has the same phone, but purchased more recently, and his is working fine for this. He has flashed the new AT&T test ROM, and done the thing that keeps the AT&T bloat from getting installed.
The fact that remote desktop works, but browsing a webpage on the same machine does not, makes me think there is more to this than just network settings.
If anyone has the anwer to this, please share. If I find the answer, I will post it is well. I have extensively searched the forum for the answer to this, and have not found anything that worked. If I have missed something, I appologize.
Sort of works now, still have an issue
After going to the proxy tab, and checking that This network connects to the Internet and checking the check box that this network uses a porcy server to connect to the internet. Then specify the server. Then go to Advanced and change the HTTP port to 8080 instead of just 80. I also put the user id, password and Domain in on the proxy for HTTP.
But I get prompted for a user id and password from the proxy erveer. I have entered it and clicked the checkbox to save it. It does not display the same info that I entered the next time and it does not display what was entered on the HTTP proxy page. It is a drop down, and I can select the correct one. It's just annoying to need to. I'd like to clear this cache.
Also, to initially get it working I had to disable HSDPA and HSUPA, restart. Then reenable it. I have the registry on my Fuze which give me the menu option on the Advanced network tab to do this.
Figured out how to clear the cache issue - still prompts
The cache was a setting in Opera for passwords.
It still asks for the password. At least it is prefilled with the correct info, since I now only have the one entry, so it is just 1 click, but I should not need to do this step.
Any one know what I need to do to fix this.
If I try to load it in IE, it just tries but never succeeds and never asks for a password, just says Opening.
Connections
Why should I need to set this to connect to the Internet, and use the ISA server? I would think if it needs to connect to the internet, it should be able to just use the Media Net
My Media Net Settings are
Modem -
Name - Modem
Media Net - wap.cingular
Advanced shows the modem in the drop down list as Cellular Line (GPRS, 3G)
The drop down is disabled
Next
Access Point Nam - wap.cingular
Next
User name - [email protected]
don't know what the password is. I've never changed it.
Domain is blank
Next
TPC/IP
Use server - assigned IP address is selected
Use software compression and use IP header compression are checked.
Use slip is not checked and the checkbox is disabled
Servers
Use Servr Assigned addresses is selected
So DN,Alt DNS, WINS, and ALT WINS are disabled.
Proxy Settings
This network connects to the internet
This networks uses a proxy server to connect to the internet is not checked.
More info and additional question
Navigating to some intranet sites does not prompt me for the isa server.
such as http://machine/virtdir/Default.aspx
seems to work without being prompted
but
http://perforcemachine:8080/@md=d&cd=//&[email protected]//?ac=107&mx=25
prompts me for the password.
Also, in order to get either of these links to work, I need to have in my exceptions:
*.companyname.com/*
Where companyname is the actual companyname.
This is annoying because it makes it connect to the VPN when synching with the exchange server. Before I want on the quest to get these links to intranet sites to work, I synched with the exchange server without connecting to the VPN.
I've tried putting in isa.companyname.com in the exceptions, but that doesn't work.
Is there a way to do *.companyname.com/* except mail.companyname.com?
I suspect all of this is in the registry somewhere.

VPN Setup for Advantage X 7510

I need some assistance on setting up VPN access to my corporate network on my X 7510. I am technologically barely savvy. I am a business user of my X 7510.
Can someone please help me in configuring my device to access my corporate VPN?
The following describes my attempts to configure the VPN settings using the standard VPN configuration available on the device:
I am using the settings given by my network team. We are using a pre-shared key and no certificates. Our corporate VPN uses CISCO ASA 5520. When I setup the VPN there is an "Advanced" option that asks for certain server IP addresses. Our network team says that this need not be used.
I am trying to connect over a GPRS network. The most frustrating part is that the IT Manager uses an iPhone and he downloaded a VPN client for 9 dollars from the Apple Store and it works beautifully !!!
But I am not able to connect and I get an error message that says that there is a problem with my user name and password. The message asks me to turn off and turn on my device to see if that fixes my problem. But it does not.
I have triple checked all the setting details with our network team and all the data are correct. My network team can monitor connection attempts and they say that they are not even able to see any connection atempts from my device.
Can somone please help me?
I Think it depends on the rom you use. If that vpn package is there.
I also have a problem with my VPN on x7510. I think I get all the settings right because it says I am connected to my corporate network. Our network administrator from the network monitoring desk actually sees me connected. But I cannot access any application on the network, not even my company's intranet homepage.
Another irritating part is that when I fire up any application that requires internet access but not VPN - like Nimbuzz, the VPN starts to connect through GPRS - very annoying. So I have now set up the VPN to disallow internet access.
rsawoseyin
Can you please share how u have setup the VPN? I am not even able to connect.
Isn't there anybody else here who can assist?
My roms have vpn capabilities, if you go to connection at the bottom it has "set up vpn" (or something like that)

Wi- Fi network verification problem

Hi,
In the office i have free Wi-Fi network which needs verification (username and password) to let you enter the web. With my previous phones (Samsung, Sony etc) when phone took IP address from this network a pop up google chrome (or other web browser) window opened to the page in which i have to put my username and password to connect to the web.
With Mi4c i do the same thing but the only thing that happens after connecting to the network is to see for less than a second a blank page and then goes back to the Wi_Fi settings screen. It shows that the phone is connected to the network but i can not reach the web. I tried to open the verification page manually but it says that there is no connection.
Any ideas?
Thanks

MS web site login.live.com rejected over WiFi networks

My Samsung Note8 SM-N950F/Android v. 9 can log to MS login Web site OK via 3/4G networks. And it can open other web sites on mu home WiFi Network.
But, when trying to login to MS over my home WiFi Network, login.live.com page indicates that the site is not accessible, asking to check if the login.live.com address is correct, with error message: DNS_PROBE_FINISHED_NXDOMAIN . Idem with my second Note 8 phone. Connecting to my neighbour’s WiFi network: same issue with MS login.!
Tried with Chrome, Edge and Firefox browsers on same phone: idem. On MS support site found other users with Samsung Galaxy 8 S and Huawei P Smart phones report the same issue.
But my son's OnePlus 6T Android v. 10 phone can login to MS without any problem over my WiFi network. And no problem with my Win10 PC via WiFi either!!!
What is the reason? Android version 9 vs 10, WiFi configuration on the phone, or phone brand related issue??
Please Help!
Regards,
Radivoj
Delete & re-add network
Delete a Wi-Fi network from your phone
Open your phone’s Settings app.
Tap Network & internet And then Wi-Fi.
If needed, turn on Wi-Fi.
At the bottom, tap Saved networks.
In the list, tap the saved network that you want to delete.
Tap Forget.
Add the Wi-Fi network again
Open your phone’s Settings app.
Tap Network & internet And then Wi-Fi.
At the end of the list, tap Add network.
If needed, enter the network name (SSID) and other security details.
Tap Save. If needed, enter a password.
Check for problem apps
The problem can be from an app that you downloaded. To find out, restart your phone in safe mode.
Turn on safe mode. Learn how to turn on safe mode.
Try connecting to the Wi-Fi network again.
Open your phone’s Settings app.
Tap Network & internet And then Wi-Fi And then the network name.
See whether the Wi-Fi connection works in safe mode.
If the Wi-Fi connection works in safe mode
A downloaded app is most likely causing the issue.
To exit safe mode, restart your phone.
Uninstall recently downloaded apps one by one. See whether the connection works.
After you remove the app that's causing the problem, reinstall the other apps.
If the Wi-Fi connection doesn't work in safe mode
Likely, there's a problem with the Wi-Fi network or internet connection.
Hope this helps.
Regards,
Bruce
Hi Bruce,
Thank you for your advise. I already tried everything what you told me to, and it still does not work I tried this also on a brand new Note 8, without any additional apps installed. I can modify DNS1/2, but the SAVE button is greyed out, so the modification can not be registered !
Just had a chat with Samsung France technical support, asking them whether DNS change can or can not be done in their phones, and received the response that to modify DNS I should contact Google and not Samsung !!!
GOOD NEWS !
Searching Internet I found an excellent article concerning DNS modifications under different Android versions:
https://www.androidpolice.com/2020/03/26/make-android-use-dns-server-choice/
I followed it's recommendations for changes in My Note 8/Android 9 (pie) and MS connect worked flawlessly when I selected either Quad9 or Cloudflare Private DNS!
I found there was also another solution: from Google Store download and install DNSet application (others also available). After starting it overrides current DNS Setup and all performs perfectly.
However, preferred using the first solution for safety reasons.
Best regards,
Radivoj

Q: Android Wifi "Limited connection" - what triggers this?

Hi all,
sometimes when my Android device (OnePlus 5, Android version 10) is connected to my mobile router, it shows "limited connection" in my wifi settings.
The connection still appears to work fine, however I wonder what exactly (technically) would trigger this message?
Is it, Android tries to access some host from time to time and if not reachable it turns this message on?
Or does it probably interpret some information contained in the Wifi payload itself?
Maybe one of the Android devs here can answer this for me. Or can point me to the code which controls this message, I am happy to study it myself then.
Thanks a lot and all already a Happy New year 2022.
Andi
Hi Andi,
the phone uses a captive portal detection to see if internet is reachable from the current connection or it's not reachable or if it's blocked by a firewall, such as in a hotel's wifi.
To do so, it connects to
http://connectivitycheck.gstatic.com/generate_204
and if it gets a 204 response, the connection is good and no message is displayed. In other cases it will open the wifi login portal (if any) or it will just display a limited connection note, as on your phone.
If you see the message despite the connection can reach internet, it means that there might be something (a firewall for example) blocking the connections to connectivitycheck.gstatic.com. Some applications, as Aurora Store, also use gstatic.com to check the connection, and they won't work if it's not reachable, even though the rest of the web can be browsed.
It is possible to change the address used for connectivity check by running these commands in adb shell:
settings put global captive_portal_http_url "http://<YOUR-URL>
settings put global captive_portal_https_url "https://<YOUR-URL>
You can use any url you want, public or privately hosted, the only important thing is that it has to return a 204 response code.
Happy 2022 to you too!
tremalnaik said:
Hi Andi,
the phone uses a captive portal detection to see if internet is reachable from the current connection or it's not reachable or if it's blocked by a firewall, such as in a hotel's wifi.
To do so, it connects to
http://connectivitycheck.gstatic.com/generate_204
and if it gets a 204 response, the connection is good and no message is displayed. In other cases it will open the wifi login portal (if any) or it will just display a limited connection note, as on your phone.
If you see the message despite the connection can reach internet, it means that there might be something (a firewall for example) blocking the connections to connectivitycheck.gstatic.com. Some applications, as Aurora Store, also use gstatic.com to check the connection, and they won't work if it's not reachable, even though the rest of the web can be browsed.
It is possible to change the address used for connectivity check by running these commands in adb shell:
settings put global captive_portal_http_url "http://<YOUR-URL>
settings put global captive_portal_https_url "https://<YOUR-URL>
You can use any url you want, public or privately hosted, the only important thing is that it has to return a 204 response code.
Happy 2022 to you too!
Click to expand...
Click to collapse
Thanks, this is a good pointer to further analyze this the next time it happens.
Many thanks for the detailed answer, really appreciated.
Have a great 2022
Andi

Categories

Resources