ERROR: [Errno 65] No route to host


Live Oak

Apr 27, 2016, 1:12:44 PM
to Google Apps Manager
We've used GAM for several years, but very sparingly, so bear with me here. 

After updating to latest GAM 3.65, and following updated instructions for generating client_secrets and oauth2service.json files:

When running gam.py from command line in OS X, I'm allowed to select newly expanded list of scopes, and given the opportunity to grant various access permissions to the application. When I click "Allow," I see the success page "The authentication flow has completed". But returning to the xterm window I see "ERROR: [Errno 65] No route to host."

We do not and have never used proxies for web traffic. I've never seen this issue with previous versions of GAM. Firewall and network switch logs show nothing. What could I be missing?

Jay Lee

Apr 27, 2016, 1:14:10 PM
to Google Apps Manager
No route to host definitely sounds like a network-related issue. Can you try on your home network or with a device tethered to your phone to rule out a change to your organization's network layout? I've also seen AV and security software on Windows and Mac block GAM from connecting out to Google's servers.

Jay

--
You received this message because you are subscribed to the Google Groups "Google Apps Manager" group.
To unsubscribe from this group and stop receiving emails from it, send an email to google-apps-man...@googlegroups.com.
To post to this group, send email to google-ap...@googlegroups.com.
Visit this group at https://groups.google.com/group/google-apps-manager.
To view this discussion on the web visit https://groups.google.com/d/msgid/google-apps-manager/6ca68736-8f7b-49e9-bd73-156cd00049fb%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
--

Jay Lee

Live Oak

Apr 27, 2016, 1:36:57 PM
to Google Apps Manager
Thanks for the rapid reply. 

Well, it's definitely a network issue. Attaching my laptop to a hotspotted phone successfully allowed me to complete the GAM setup. 

Just weird that I can't track it down. As I said, no proxies, no changes to our network, and we don't run AV software on our Macs at all. I'm guessing the trouble is with our firewall, even though the block isn't being logged.

Thanks Jay!




Live Oak

Apr 27, 2016, 2:26:30 PM
to Google Apps Manager
OK, I found the issue. In case it helps anyone else, I'll pass it on here.

In our SonicWALL firewall (NSA3600), under Security Services > Intrusion Prevention, the IPS section contains options to prevent High Priority, Medium Priority and Low Priority attacks. GAM communications protocols make some calls that fall into SonicWALL's "Low Priority attack" category. So either untick the entire "Low Priority" attack group (probably not recommended), or look for signature ID 5165, "SSLv2.0 Client Hello 2" in the WEB-TLS category, and disable the block on it.

The logged message should look something like:

Andrew Birch

May 14, 2016, 3:33:50 AM
to Google Apps Manager
Just wanted to mention that as a result of a request from my management to audit all files shared with users outside our domain, that I've issued "gam user #{u} show filelist allfields" for each of 110 users, and learned over 100k fileIDs.  For each of those, I've ignored them if they're trashed or not shared, then queried the drivefileacl for each remaining fileID (about 50k of them).  During that process I received the error message:
ERROR: [Errno 65] No route to host
4 times. I presume that each such message means one call to gam failed.  I really don't care as that is 4 failures in about 150,000 calls to gam, which I am happy to ignore.
The point I'm making is that it is not my firewall or network infrastructure blocking anything, rather it is transient errors in either my Internet connection or the Google network.
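
Added example, not part of the thread or of GAM's code: a check to run on the first bytes of a captured client connection, to confirm whether the client really sends an SSLv2-format hello (the thing the signature named in Live Oak's post refers to) before disabling the block. It assumes the signature matches the SSL 2.0-compatible CLIENT-HELLO layout described in RFC 5246 Appendix E.2; the function names and sample bytes are constructed for illustration.

```python
import struct

def parse_sslv2_hello(data):
    """Return the fields of an SSLv2-format CLIENT-HELLO, or None if not one."""
    # 2-byte record header: high bit set, remaining 15 bits are the body length.
    if len(data) < 11 or not data[0] & 0x80:
        return None
    length = struct.unpack(">H", data[:2])[0] & 0x7FFF
    # Body starts with msg_type(1) version(2) and three 2-byte length fields.
    msg_type, version, cs_len, sid_len, ch_len = struct.unpack(">BHHHH", data[2:11])
    if msg_type != 1 or cs_len == 0 or cs_len % 3:
        return None
    # The header length must agree with the inner lengths; this rejects
    # arbitrary binary data that merely starts with a high-bit byte.
    if length != 9 + cs_len + sid_len + ch_len:
        return None
    specs = data[11:11 + cs_len]
    if len(specs) < cs_len:
        return None
    return {
        "offered_version": "%d.%d" % (version >> 8, version & 0xFF),
        "cipher_specs": [specs[i:i + 3].hex() for i in range(0, cs_len, 3)],
    }

def classify_first_flight(data):
    """Label the first bytes a client sent to a TLS port."""
    if parse_sslv2_hello(data):
        return "sslv2-format-hello"
    # TLS record: content type 22 (handshake), major version 3,
    # handshake type 1 (ClientHello) right after the 5-byte record header.
    if len(data) >= 6 and data[0] == 0x16 and data[1] == 0x03 and data[5] == 0x01:
        return "tls-record-hello"
    return "unknown"

# Constructed sample: SSLv2-format hello offering version 3.1 (TLS 1.0),
# two 3-byte cipher specs, no session id, 16-byte all-zero challenge.
SSL2_SAMPLE = bytes.fromhex("801f" "01" "0301" "0006" "0000" "0010"
                            "00002f" "0700c0") + bytes(16)
# Constructed sample: start of a TLS-record ClientHello (truncated).
TLS_SAMPLE = bytes.fromhex("1603010005" "0100000100")

if __name__ == "__main__":
    for name, blob in (("ssl2", SSL2_SAMPLE), ("tls", TLS_SAMPLE)):
        print(name, classify_first_flight(blob), parse_sslv2_hello(blob))
```

An SSLv2-format hello that offers version 3.x is a compatibility wrapper around a newer handshake, so the offered version and the cipher specs show what the client is actually asking for.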