Argo TCP Dial Error


#1

Hey CF,
Seeing an issue with this when trying to create a tunnel. Is this a known issue, and are there specific ports that need to be opened in or out? Thanks.
CentOS 6.9, Argo Tunnel installed as a service. Server behind a Cisco ASA.

time="2018-04-06T17:31:22-04:00" level=error msg="Unable to dial edge" error="DialContext error: dial tcp 198.41.192.167:7844: getsockopt: connection refused"
time="2018-04-06T17:31:30-04:00" level=error msg="Unable to dial edge" error="DialContext error: dial tcp 198.41.192.167:7844: getsockopt: connection refused"
time="2018-04-06T17:31:46-04:00" level=error msg="Unable to dial edge" error="DialContext error: dial tcp 198.41.192.167:7844: getsockopt: connection refused"
time="2018-04-06T17:31:46-04:00" level=error msg="Unable to dial edge" error="DialContext error: dial tcp 198.41.192.7:7844: getsockopt: connection refused"

#3

Hello @mike8,

It looks like your router is blocking port 7844 outbound. We use that port to connect cloudflared to our network. What does your access policy look like on the ASA? Can you open the port for outbound connections?

Thanks,
Joaquin


#4

I was beating my head against my desk on this. Apparently, it doesn’t like when I give this port number a service object. If I define it as a straight port number in the ACL, it’s fine. ¯_(ツ)_/¯


#5

Actually, found a better solution for those who care. I was able to use a TCP Service Group instead.
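
To confirm a firewall change like the one discussed in this thread, the following added example (not part of the original posts, and not Cloudflare's code) extracts the edge endpoints that failed in the cloudflared log and re-probes each one from the tunnel host. The function names are hypothetical, and the sample log lines are copied from the first post.

```python
import re
import socket
from collections import Counter

# Sample input: the "Unable to dial edge" lines quoted in the first post.
SAMPLE_LOG = '''\
time="2018-04-06T17:31:22-04:00" level=error msg="Unable to dial edge" error="DialContext error: dial tcp 198.41.192.167:7844: getsockopt: connection refused"
time="2018-04-06T17:31:30-04:00" level=error msg="Unable to dial edge" error="DialContext error: dial tcp 198.41.192.167:7844: getsockopt: connection refused"
time="2018-04-06T17:31:46-04:00" level=error msg="Unable to dial edge" error="DialContext error: dial tcp 198.41.192.167:7844: getsockopt: connection refused"
time="2018-04-06T17:31:46-04:00" level=error msg="Unable to dial edge" error="DialContext error: dial tcp 198.41.192.7:7844: getsockopt: connection refused"
'''

# Captures destination IP, port and the trailing reason of a failed edge dial.
DIAL_RE = re.compile(
    r'msg="Unable to dial edge".*?dial tcp (\d{1,3}(?:\.\d{1,3}){3}):(\d+): '
    r'(?:getsockopt: )?([^"]+)"')

def failed_endpoints(log_text):
    """Count dial failures per (ip, port, reason) found in the log text."""
    hits = Counter()
    for line in log_text.splitlines():
        m = DIAL_RE.search(line)
        if m:
            hits[(m.group(1), int(m.group(2)), m.group(3))] += 1
    return hits

def probe(host, port, timeout=3.0):
    """Try one outbound TCP connection and classify the outcome."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "refused"  # a reset came back: closed port or an active reject on the path
    except socket.timeout:
        return "timeout"  # no answer at all: packets dropped somewhere on the path
    except OSError as exc:
        return "error: %s" % exc

def recheck(log_text, timeout=3.0):
    """Re-probe every distinct endpoint that failed in the log."""
    endpoints = sorted({(ip, port) for ip, port, _ in failed_endpoints(log_text)})
    return {ep: probe(ep[0], ep[1], timeout=timeout) for ep in endpoints}

if __name__ == "__main__":
    for key, count in sorted(failed_endpoints(SAMPLE_LOG).items()):
        print(count, key)
    for (ip, port), state in recheck(SAMPLE_LOG).items():
        print("%s:%d -> %s" % (ip, port, state))
```

Run it on the tunnel host before and after editing the ACL; every endpoint should move from "refused" to "open" once outbound TCP 7844 is permitted.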