Web lists-archives.com

RE: What is the proper mailing list for server issues?

Ok, I spoke too hastily.  It's possible a webserver blocks sites or the ISP blocks.
Also, perhaps cygwin.com can't resolve starwolf.com as Brian suggested.
Looking at your curl and openssl output I see this oddity

"No ALPN negotiated"
"ALPN, server did not agree to a protocol"

According to this site cygwin.com does not support HTTP/2.  Must be using 1.1.

Does this get you a web page?

curl -v --http1.0 https://www.cygwin.com

You're not doing any port forwarding of 443?




I'm trying from several different machines in the house, some directly connected, as well as any thru the NAT interface.  This is the ONLY site I cannot reach normally.  I have to use the Tor browser to reach the site, and, even then, once I get a new cygwin setup .exe, the list of mirrors doesn't auto-fill because (surprise, surprise) I cannot connect via any known protocol to either www.cygwin.com or

The SSL certificates I get from a successful Tor hit and an unsuccessful
403 from home are identical

I am concluding that at least the address range 69.12.250.{40-47} are being blocked; and it probably extends beyond that.

Firewall is a Watchguard Firebox running pf_sense.  I get the 403 even with a direct (non-firewalled, non-routed connection)

I have attached two .txt file with runs from two servers within my house, one running NetBSD, one running Windows [thus the importance of cygwin].
Included are runs from 'host'/'nslookup', 'ping', 'traceroute', 'curl' 
and 'openssl'

This is NOT a local firewall issue, otherwise my other machines on different addresses would not have a problem.

smaug is my internal firewall.
stupidhead is the default next hop from said firewall.

"...it's nothing to do with cygwin.com."

Sooooo, why else would I get a refusal from the web server from this address when I can connect from elsewhere ** and the SSL certificate is the same ** ??

What am I missing?

"...but there's nothing we can do from here."

Where is "here"? If "here" == "cygwin.com", you can't tell me if my IP is on an internal blacklist (and, moreso, why?)??

On 2017-04-21 08:06, Gluszczak, Glenn wrote:
> Agree, it's nothing to do with Cygwin.com.
> Check for a firewall on your local machine.  Check your home router to see if it has a firewall with restrictions.
> Perhaps you're passing through a proxy server or firewall at the ISP?
> Try traceroute or wget to analyze what site you're really attaching to.
> On 4/21/2017 2:35 AM, Greywolf wrote:
>> Hello,
>> I am having a server issue that neither I nor my ISP seem to be able
>> to resolve with regards to connecting to Cygwin.com -- namely, only
>> from my house, I get a 403 Forbidden.
> This is _your_ problem.  Something has caused you to not be able to reach cygwin.com properly.  What IP address does cygwin.com resolve to?
> Does using the IP address directly work for you?
> $ ping cygwin.com
> Pinging cygwin.com [] with 32 bytes of data:
>> I've been round with my ISP and they are unable to reproduce the
>> issue; the response I get from here is "contact your ISP".  So who do
>> I contact about this?  Not being able to automagically fetch the
>> mirror list is annoying, and not being able to reach the site to see
>> about updates and such is similarly so.
> Understandable but nothing we can do from here.