nanog mailing list archives
RE: Microsoft Product Activation server reachability
From: Nathan Anderson <nathana () fsr com>
Date: Thu, 10 Jan 2013 23:01:08 -0800
So the ICMP message "communication prohibited by filter" must be a normal response to ICMP ping through that gateway. Unfortunately, it's not completely fixed yet, but I'm guessing by this measure of progress that they must be working on it. I now get HTTP 403 in response to any request I send to it. Tried to reactive this copy of Windows Server once more anyway, and now get "Online activation cannot be completed at this time." (Message number: 24579) Before, it simply claimed I must not have working internet connectivity. -- Nathan -----Original Message----- From: Scott Howard [mailto:scott () doc net au] Sent: Thursday, January 10, 2013 10:55 PM To: Ben Carleton Cc: Nathan Anderson; nanog () nanog org Subject: Re: Microsoft Product Activation server reachability Working now, tested from 3 hosts on different networks on both 80 and 443 : $ telnet wpa.one.microsoft.com 443 Trying 94.245.126.107... Connected to wpa.one.microsoft.com. Escape character is '^]'. Scott On Fri, Jan 11, 2013 at 12:02 AM, Ben Carleton <carleton () vanoc net> wrote: ----- Original Message ----- > From: "Nathan Anderson" <nathana () fsr com> > To: "nanog () nanog org" <nanog () nanog org> > Sent: Thursday, January 10, 2013 11:24:16 PM > Subject: Microsoft Product Activation server reachability > > Anybody else having a problem reaching (what appears to be) the sole > Microsoft Product Activation server (wpa.one.microsoft.com)? > > $ ping wpa.one.microsoft.com > PING wpa.one.microsoft.com (94.245.126.107): 56 data bytes > 36 bytes from 213.199.189.41: Communication prohibited by filter > > I get this sourcing from our network, from AT&T 3G, and from ye residential > DSL connection located in the greater Seattle area. They aren't simply > source-filtering. Either that or they are source-filtering for 0.0.0.0/0. > > This is apparently the only server/IP they have set up to respond to these > requests. wpa.one.microsoft.com resolves to that IP via every DNS server > I've tried (so no round-robin A records), Microsoft products that need to > activate over the internet only try to resolve that FQDN, and I've looked > for others without success (wpa.two.microsoft.com isn't valid, for example). > > -- > Nathan Anderson > First Step Internet, LLC > nathana () fsr com > > I am seeing the same from NYC metro. According to MS (http://technet.microsoft.com/en-us/library/bb457159.aspx#ECAA), access to that host on 80 and 443 is all that should be required to activate. (and wpa.one.microsoft.com has no AAAA, go figure) [ben@razor ~]$ ping wpa.one.microsoft.com PING wpa.one.microsoft.com (94.245.126.107) 56(84) bytes of data. From 213.199.189.41 icmp_seq=2 Packet filtered ^C --- wpa.one.microsoft.com ping statistics --- 6 packets transmitted, 0 received, +1 errors, 100% packet loss, time 5260ms [ben@razor ~]$ telnet wpa.one.microsoft.com 80 Trying 94.245.126.107... ^C [ben@razor ~]$ telnet wpa.one.microsoft.com 443 Trying 94.245.126.107... ^C -- Ben
Current thread:
- Microsoft Product Activation server reachability Nathan Anderson (Jan 10)
- Re: Microsoft Product Activation server reachability Pui Edylie (Jan 10)
- Re: Microsoft Product Activation server reachability Ben Carleton (Jan 10)
- Re: Microsoft Product Activation server reachability Scott Howard (Jan 10)
- RE: Microsoft Product Activation server reachability Nathan Anderson (Jan 10)
- Re: Microsoft Product Activation server reachability Yang Yu (Jan 11)
- RE: Microsoft Product Activation server reachability Nathan Anderson (Jan 11)
- Re: Microsoft Product Activation server reachability Scott Howard (Jan 10)