1777 Sentry Parkway West
Building 17, Suite 405
Blue Bell, PA 19422
+1 (888) 507-2270
Issue with Validator
Forums: Troubleshooting and Problems
PhilippRe: Issue with Validator
Hello Maryse,
Thank you for your feedback!
First of all, please install the latest available Community version 3.1.0.
Besides various improvements and bug fixes it also contains a newer pre-packaged set of CTs and dictionaries. Your firewall might block dictionary download preceding the validation, so that issue might be resolved by just updating the app.
App usually downloads the latest version automatically but this process might be blocked by your firewall. You can just download the newest installer here:
https://www.pinnacle21.com/downloads
Community app reaches a range of dynamic AWS S3 IP addresses that cannot be summarized in a short list.
We are working on consolidation of the app traffic to use just several static IP addresses for easier whitelisting.
It will be included in one of our next updates.
To resolve firewall issues in Community 3.1.0, we recommend whitelisting inbound/outbound TCP protocol traffic in port 443 for Community executable files.
Default paths for these files in system-wide installed Community are:
Main Community 3.1.0 Application file
C:\Program Files (x86)\Pinnacle 21 Community\Pinnacle 21 Community.exe
Java executable file (for 64-bit systems)
C:\Program Files (x86)\Pinnacle 21 Community\resources\app.asar.unpacked\components\java64\bin\java.exe
Java executable file (for 32-bit systems)
C:\Program Files (x86)\Pinnacle 21 Community\resources\app.asar.unpacked\components\java32\bin\java.exe
Default paths for per-user installation are all similar, but instead of "Program Files" they are inside
C:\Users\%USERPROFILE%\AppData\Local\Programs\Pinnacle 21 Community\
I hope this helps, but please let us know if you have any further questions.
Thanks,
Philipp
Thank you Philipp for you…
Thank you Philipp for you quick feedback. We have installed the new version of Pinnacle21 software from your website but now we get an error "No internet connection".
According to the below forum, someone has posted that Pinnacle21 is not Proxy-aware.
https://www.pinnacle21.com/forum/no-internet-connection-error-0
Our network has a proxy but the traffic seems to hit the firewall directly and there's no option on Pinnacle to configure proxy
If it's not proxy aware, please provide the complete list of destination IP range that Pinnacle21 would use.
From the firewall logs on our end, we could see it's reaching to the IP address list below over TCP/443 and is blocked by our firewall
13.224.239.8, 13.224.239.28, 13.224.239.40, 13.224.239.62, 13.224.241.71, 13.224.241.114, 13.224.241.161, 13.224.241.230
Please confirm if these IP addresses belongs to Pinnacle and kindly share the complete list of IP address/FQDN to whitelist on our firewall.
Thank you
PhilippHello Maryse, Community 3.1…
Hello Maryse,
Community 3.1.0 uses a Content Delivery Network (CDN) to ensure high download speeds all over the world. It reaches a set of dynamic IP ranges that would need to be whitelisted (if you cannot open all TCP 443 traffic for app files). IPs being used by Cloudfront CDN are listed on the following page, they are in CLOUDFRONT_GLOBAL_IP_LIST:
http://d7uri8nf7uskq.cloudfront.net/tools/list-cloudfront-ips
The majority of Community traffic goes through this network. For example, all of the IP addresses that you mentioned are inside the "13.224.0.0/14" range from CLOUDFRONT_GLOBAL_IP_LIST.
If you whitelist ranges from this list, the "No Internet connection" error will likely be resolved. There are still some other dynamic AWS S3 IP addresses being called outside of CloudFront. Unfortunately, we cannot provide a complete list of these S3 dynamic addresses yet.
We are working on the consolidation of the whole app traffic to use just several static IP addresses for easier whitelisting.
It will be included in one of our next updates that will be published on our website.
Thanks
Is there any update on this issue?
Are static IP addresses added for easier whitelisting? Will future version be proxy-aware?
PhilippHello Chengeng, The static…
Hello Chengeng,
The static IP address feature was not added yet.
P21 Community usually works with proxy set at OS level. This setting is accessed in Windows 10 through Control Panel - Internet Options - Connections - LAN Settings.
There you can provide an auto-config script or set up proxy manually in the Proxy Server section.
Adding dedicated proxy configuration into the P21 Community is not currently planned.
Thanks,
Philipp
Hello,
I am running 3.0.2 of P21 Community on Windows 10. The validator screen spins indefinitely with a message stating "Validation has started".
Here is a copy of the log:
2020-10-12 14:50:53 [RxIoScheduler-2] ERROR net.bootstrap.utils.S3Loader - Failed to download file: release/engine/engines.json
2020-10-12 14:51:13 [RxIoScheduler-4] ERROR net.bootstrap.utils.S3Loader - Failed to download file: release/engine/engines.json
2020-10-12 14:52:52 [RxIoScheduler-2] ERROR net.bootstrap.utils.S3Loader - Failed to download file: release/resources.json
[2020-10-12T12:53:29.639Z] [error] connect ETIMEDOUT 13.224.241.114:443
2020-10-12 15:05:50 [RxIoScheduler-2] ERROR net.bootstrap.utils.S3Loader - Failed to download file: release/engine/engines.json
2020-10-12 15:06:10 [RxIoScheduler-4] ERROR net.bootstrap.utils.S3Loader - Failed to download file: release/engine/engines.json
2020-10-12 15:07:49 [RxIoScheduler-5] ERROR net.bootstrap.utils.S3Loader - Failed to download file: release/resources.json
2020-10-12 15:07:49 [RxIoScheduler-2] ERROR net.bootstrap.utils.S3Loader - Failed to download file: release/resources.json
[2020-10-12T13:08:32.100Z] [error] connect ETIMEDOUT 13.224.241.71:443
Please advise if there's specific network requirements. Our Network team would like to know the entire list of Pinnacle Destination IPs and the Ports used, so they can whitelist them on firewall.