Error: "server not found" or "connection timed out" playing Flash in ProxySG deployment

book

Article ID: 171733

calendar_today

Updated On:

Products

ProxySG Software - SGOS

Issue/Introduction

Flash video streaming does not work through the ProxySG appliance . It tries to load for a while and then shows an error "server not found" or "connection timed out." This occurs with embedded flash videos that use RTMP over port 1935.

This problem can occur in an explicit deployment with an explicit IP address or a PAC file, or in transparent deployments.

Resolution

Verify you have a Flash license. To verify that you have a valid Flash license, select:

  1. Maintenance
  2. Licensing
  3. View
  4. Licensed Components

If you do not have a Flash license, contact the Symantec Customer Care for help.

Explicit Deployments

In an explicit deployment, you need to make sure that Flash traffic is passing through the appliance. Some websites that have embedded flash streaming video don't look at the browser's proxy configuration or PAC file settings. Instead, they try to connect directly over the default gateway configured on the client workstation.


The easiest way to isolate this problem is to take a packet capture on the client workstation that is unable to play Flash video; follow the traffic over port 1935. If Flash traffic is passing through them the packet capture will look similar to the one below. 

In this example, Destination URL: http://www.globaltv.com, Client IP: 10.167.0.138,  IP: 10.169.3.131.

If the browser's proxy configuration or PAC file settings are not being used, the packet capture will show that it's taking the default gateway settings on the client workstation and then getting blocked on the firewall. Displaying the filter "tcp.port==1935" will show this.

Transparent Deployments

In a transparent deployment, make sure that port 1935 is:

  • Intercepted on the appliance.
  • Redirected from the WCCP router.
  • Not closed on the firewall/default gateway.

Possible Solutions

One way to solve this problem is to open port 1935 and the destination IP on the firewall (assuming the IP is not a random IP address).
Another option is to disable the HTTP handoff for Flash:

  1. Configuration
  2. Proxy Settings
  3. Streaming Proxies
  4. Flash

If videos still are not loading, you can configure static bypass rules as a temporary workaround. You can set up the destination IP (where the Flash content is hosted) to be bypassed by the appliance:

  1. Configuration
  2. Services
  3. Proxy Services
  4. Static Bypass List

Alternatively, you can configure a single client IP address as a static bypass for all destinations. If you are able to play the video using the workaround, call Symantec Technical Support for further troubleshooting.

 

Attachments