Can’t connect to Ring Servers

[G8B4Life]

Out of curiosity, have you tried the Vista laptop from where the PC is? If it's interference between the PC and the router I'd expect you to have trouble with more than just RPA but it'd be good to see what happens with the laptop in the same spot.

Anyway, I believe I've found a way to get the data on what's going through the WiFI adapter without you having to install anything. How comfortable are you with using the command prompt?

- Tim

[KB02]

Just tried the laptop while sitting in front of the desktop. Laptop worked fine and desktop is still a no-go.

I've been trying to fiddle with the modem/router firewall settings but even with turning firewalls off there couldn't manage a connection. Granted not entirely sure what I was doing. Couldn't figure out how to set RingEngineering as an allowed site either.

As for the command prompt, I'm willing to give it a go. I've typed up a few DOS prompts in my time.

[G8B4Life]

We might have to do some experimentation with this, I've not used it myself...

We'll use a packet monitor tool that's built into Win10 to hopefully see what's going on.

First, open an elevated command prompt (you know the run as administrator thing. This is a must). Then, type in the following commands into the command prompt (you should be able to copy and paste them into the command prompt window):

Code: [Select]

pktmon filter add -t UDP -p 4608
You can check the filter is active by typing in:

Code: [Select]

pktmon filter list
Start running Packet monitor:

Code: [Select]

pktmon start --etw -p 0 -l real-time -f rpa.etl
Once Packet monitor is running, start RPA. You should see in the command prompt window that packets have been captured. If RPA doesn't connect, stop packetmonitor (if RPA does connect see below):

Code: [Select]

pktmon stop
and then convert the log file to pcapng format

Code: [Select]

pktmon pcapng rpa.etl -o rpa.pcapng
and upload the pcapng file here. If you you want to you can zip the pcapng file with a password, but you'll need to PM me the password.

If RPA connected, don't stop pktmon but click the product programs button in RPA. When that fails with it's error message then stop pktmon and convert the log file and upload it.

- Tim

[KB02]

I get to this step:

Start running Packet monitor:

Code: [Select]

pktmon start --etw -p 0 -l real-time -f rpa.etl

And I get the message:

Code: [Select]

Error: '0' is not a valid event provider Id.

[G8B4Life]

Well, I did say we'd probably have to experiment a bit; the price of not not being able to experiment with it myself first...

Let's see what commands your version of pktmon uses (apparently there could be differences in versions). In an elevated command prompt type this in:

Code: [Select]

pktmon start help
and copy and paste the output here for me (clicking the icon in the top left corner of the command prompt window should give you access to select all and copy, possibly in an edit submenu).

- Tim

[KB02]

pktmon start [--capture [--counters-only] [--comp <selector>] [--type <type>]
                        [--pkt-size <bytes>] [--flags <mask>]]
             [--trace --provider <name> [--keywords <k>] [--level <n>] ...]
             [--file-name <name>] [--file-size <size>] [--log-mode <mode>]
    Start packet capture and event collection.

Packet Capture
    -c, --capture
        Enable packet capture and packet counters.

        -o, --counters-only
            Collect packet counters only. No packet logging.

        --comp { all | nics | id1 id2 ... }
            Select components to capture packets on. Can be ALL components,
            NICs only, or a list of component Ids. Default is ALL.

        --type { all | flow | drop }
            Select which packets to capture. Default is ALL.

        --pkt-size <bytes>
            Number of bytes to log from each packet. To always log the entire
            packet set this to 0. Default is 128 bytes.

        --flags <mask>
            Hexadecimal bitmask that controls information logged during packet
            capture. Default is 0x012.

            0x001 - Internal Packet Monitor errors.
            0x002 - Information about components, counters and filters.
            0x004 - NET_BUFFER_LIST group source and destination information.
            0x008 - Select packet metadata from NDIS_NET_BUFFER_LIST_INFO.
            0x010 - Raw packet, truncated to the size from --pkt-size.

Event Providers
    -t, --trace
        Enable event collection.

        -p, --provider <name>
            Event provider name or GUID. For multiple providers, use this
            parameter more than once.

        -k, --keywords <k>
            Hexadecimal bitmask that controls which events are logged
            for the corresponding provider. Default is 0xFFFFFFFF.

        -l, --level <n>
            Logging level for the corresponding provider.
            Default is 4 (info level).

Logging Parameters
    -f, --file-name <name>
        Log file name. Default is PktMon.etl.

    -s, --file-size <size>
        Maximum log file size in megabytes. Default is 512 MB.

    -m, --log-mode { circular | multi-file | memory | real-time }
        Logging mode. Default is circular.

        circular    New events overwrite the oldest ones when the log is full.

        multi-file  No limit on number of captured events, but a new log file
                    is created each time the log is full.

        memory      Like circular, but the entire log is stored in memory.
                    It is written to a file when pktmon is stopped.

        real-time   Display events and packets on screen at real time. No log
                    file is created. Press Ctrl+C to stop monitoring.

Example 1: Packet capture
    pktmon start --capture

Example 2: Packet counters only
    pktmon start --capture --counters-only

Example 3: Event logging
    pktmon start --trace -p Microsoft-Windows-TCPIP -p Microsoft-Windows-NDIS

Example 4: Packet capture with event logging
    pktmon start --capture --trace -p Microsoft-Windows-TCPIP -k 0xFF -l 4

[G8B4Life]

Yep, your version definitely changed from what all the websites put out when it was released.

So, the command after adding the filter for you should be

Code: [Select]

pktmon start --capture --pkt-size 0 --trace --file-name rpa.etl
You won't get any live logging to the screen but when you put in the stop command after running RPA it should show you a summary on screen of how many transmit and receive packets there were.

- Tim

[KB02]

That didn't quite work either. When typing in that new code I get:

Code: [Select]

Error: Event trace is enabled, but no providers are specified.
I fiddled and searched and was finnaly able to get this to run:

Code: [Select]

pktmon start --capture --file-name rpa.etl
Not sure if it will even be helpful or not, but I've attached the .pcapng file that I was able to get.

Moderator edit: pcapng file removed for privacy - Tim

[G8B4Life]

That's Microsoft for you, according to their docs the event provider is "optional".

Anyway, the capture had everything I wanted in it. I've downloaded it and removed it from your post as it contains more than just RPA's traffic.

Now I'm assuming that RPA did NOT connect when you did the test? (tell me if it did because that's important).

So firstly the good news, there isn't any corruption of the packets, the data going in and out of the WiFi adapter for RPA is correct and the connection sequence is also correct.

Now to the puzzling part; unless the capture is somehow very wrong I'm seeing very strange behavior in the capture, something to do with the WiFi adapter is sending the data in and out repeatedly (usually 4 times) in very quick succession, and I mean nanoseconds! And not just RPA's data either.

So according to the capture RPA and the server negotiated a successful connection 4 times. Also strange is that even if not connected you clicking the pictures button did not get a response from the server which you should have gotten.

I'm looking into it further but it's a weird one for sure.

- Tim

[KB02]

Yeah, it was the standard reaction from RPA. I opened it, it said connected, I clicked on the lights button, it thought for a few seconds, then gave me the "Can't connect" message.

[G8B4Life]

Well one should probably not try and analyse data past midnight  , I missed something last night...

So I believe I have found the problem, what I don't have yet is a why or a solution. I've never seen or heard of this before. Basically what is happening is that somewhere along the network stack the destination IP address is getting  changed to the source IP address.  In laymans terms this means that when you pressed that pictures button when you were doing that packet capture for me your computer was talking to itself and not with Rings server.

I'm also seeing a lot of of other weird stuff in the capture, such as packet out of sequence errors, MAC addresses that should not have the ID that they have and as already mentioned, the repeated sending of individual packets.

Can you do this for me? Open an elevated command prompt and type in

Code: [Select]

ipconfig /all
and send it to me in a personal message. I'd like to see if those weird MAC address show and if it'll tell me what they are.

So I'm still looking for a why (I may have to join a tech forum to ask!) but a few other questions.

• Is this PC on 24/7 or do you turn it off at all (and not just hibernate etc)? If it's on 24/7 and you haven't turned it off since this thread started it'd be a good idea to turn it off and on and see if the problem persists
• What is the make and model of the Wireless adapter that the PC has?
• Are the drivers for the wireless adapter up to date?

- Tim

[KB02]

PM Sent.

[G8B4Life]

I haven't forgotten you KB02.

From your PM, yes, rebooting is the first step of IT, especially where Windows is concerned 

Unfortunately the info in the ipconfig didn't include any devices with those extra MAC addresses, oh while the make and model of the modem/router combo was good to know it was actually the make and model of the WiFi device on/in the PC I was after.  If this is an internal device you can get it's name and model number from somewhere in the network settings.

Another round of questions spurred by looking at the packet capture;

Do you have any other networking device plugged into the PC, such as an access point, a switch, a router etc?
Are you running any virtualisation software, such as VirtualBox or VMWare?
Have you deliberately set the PC's Wifi adapter to be a hotspot or access point?

While I still don't have a why I am formulating a theory that can be tested. From the packet capture only RPA's traffic shows this issue, no other UDP traffic in the capture had the issue however unlike RPA the other UDP traffic doesn't have the same source and destination ports and I wonder if something at the layer 2 interface is getting confused by it?

- Tim

[KB02]

...while the make and model of the modem/router combo was good to know it was actually the make and model of the WiFi device on/in the PC I was after.

Ah. It is a Realtek RTL8723BE 802.11 bgn Wi-Fi Adapter

Another round of questions spurred by looking at the packet capture;

Do you have any other networking device plugged into the PC, such as an access point, a switch, a router etc?
- No
Are you running any virtualisation software, such as VirtualBox or VMWare?
- No
Have you deliberately set the PC's Wifi adapter to be a hotspot or access point?
- No

I just placed an order with Bill for a couple more LM3S modules (really good price!). Looking like I might have to use the old laptop to get them set up in the locos.

[G8B4Life]

This really is a odd one I must say.

You said in your PM that you had trouble with this WiFi adapter previously, what was the trouble if I may ask?

On the drivers, it's probably worth confirming they are up to date. Microsoft in their update catalog has the latest version as 2023.42.831.2016 (2016/02/10), and RealTek has 2023.56.0502.2017 (2017/06/26) on their website https://www.realtek.com/en/component/zoo/category/rtl8723be-software

I'll PM you with the experiment, probably tomorrow.

- Tim