This page summarized 'know' solution for connector connection troubleshooting
The issues described in this document will specifically tackle the following topics;
DNS rebind
DNS resolving
Use of proxy and or firewall
DNS rebinding is a method of manipulating resolution of domain names. In the case of the Trust1Connector we use a domain to resolve to localhost
or 127.0.0.1
. We do this because Self signed certificates are not allowed by browsers and using an insecure protocol from a secured website is not allowed either.
Some routers prevent DNS rebind, the name for this is DNS rebind protection. They will prevent domains that resolve to private network ip's, such as 127.0.0.1
.
For the Trust1Connector to work this settings must be disabled or the domain t1c.t1t.io
must be whitelisted. How to do this should be provided in documentation from your ISP or Router vendor.
In some cases customers will have their own custom DNS server for various reasons. When this DNS server does not have the domain t1c.t1t.io
which should resolve to 127.0.0.1
it can cause the customer to prevent using the software.
The issue will typically show up as "Could not find the installation".
To resolve this the domain should be either resolved by the DNS server or the hosts file should be updated.
Modifying your hosts file enables you to add a fallback to the domain name system (DNS) for a domain on a specific machine.
Modifying your hosts file causes your local machine to fall back to the Internet Protocol (IP) address that you specify.
Modifying the hosts file involves adding an entries to it. The entry contains the IP address to which you want the DNS to resolve and a version of the Internet address.
When the connector is not reacting, but the installation has succeeded, a DNS Rebind policy can forbid the communication form a web application to the connector's domain name. The default domain name used is: t1c.t1t.io
Other than DNS rebind, a DNS server not containing the necessary resolutions for localhost
or t1c.t1t.io
can cause the same issues as a DNS rebind problem.
There are 2 approaches to fix DNS rebind issues:
update the 'host' file of the device (needs admin rights)
update the local router which enforces the DNS Rebind
And 2 for when the configured DNS server does not contain the name resolutions;
update the 'host' file of the device (needs admin rights)
Ask the network administrator to update the DNS server to include name resolutions for localhost
and t1c.t1t.io
to 127.0.0.1
The admin password will be asked in the command line. If you open the file with another editor, a pop-up will ask you for the administrator password.
The file will be shown (the example can be different from what is configured on your device)
We need to add an additional line to this file:
Open Notepad or an editor of choice and run as administrator the following file:
The contents will look like this
We need to add an additional line to this file:
Select File > Save to save your changes. Restart your browser
In some cases there is need for a proxy service by the organization or network. Here this setting can be enforce on a System level and on a browser level. On the system level this can be applied via the settings of the Operating system but can also be applied by policies (GPO) from the infrastructure/network.
There is a protocol that can do domain resolution based on a Proxy PAC file, which is used by browsers specifically, this is a Javascript file which is hosted on the network infrastructure for browsers to download and execute to determine domain name resolution.
Another typical case we see is where a firewall is defined which can have certain rules preventing the Trust1Connector to function. For this we ask the administrator to make sure that the following points are tackled;
The domain(s) should be reachable (t1c.t1t.io and ds.t1t.eu)
The program is running on 3 TCP ports, 51983 and 2 dynamically allocated ones, we ask to have the default port (51983) to be allowed by the firewall
An anti-virus has functionalities to protect you from malicious software components. When an anti-virus is present on your device, please allow the connector processes to be trusted and allowed to connect to the web.
More information on 'known' solution for anti-virus services can be found: Troubleshooting