No connection possible under Linux / Ubuntu 20.04 LTS

[BestVanRome]

Hi Cepton-Team,

I can't connect to the sensor (VIsta P60). I'm using ubuntu 20.04 LTS. Neither your viewer v1.18 nor your "connection tool" seem to work. I can see the sensor in wireshark though.

[willlauer]

@BestVanRome can you check the static IP and netmask assigned to the device?

[BestVanRome]

Cepton-9499-capture1.pcapng.gz Is the destination-column telling the set netmask? Or is it possible to see the settings over the cepton-viewer? Anyhow, this was when I started the request.

My collegue changed the IP over a Win10-PC with your connection-tool, to 192.168.1.40, in the meantime. I can ping it, but cannot see any data in the cepton-viewer for example.

[liaody]

One possibility: Your network system are cutting off the second fragment of a fragmented IP packet. This long packet is our sensor’s “announcement” packet and it needs to be received for a detection.

[liaody]

Another possibility: Your ethernet doesn't have an IPV4 address assigned (some Ubuntu only use IPV6 by default).

[BestVanRome]

Does this tell a bit more? I have a IPv4 set.

I have also tried to switch of the IPv6 and just using the IPv4. after that ifconfig tells me this:

[jmdaly]

Hi there, I think your netmask is set incorrectly. Try setting it to 255.255.192.0. I think that's the correct value, but if that doesn't work, try setting it to 255.255.0.0.

[BestVanRome]

@jmdaly Neither of the suggested seem to work. My collegue, who works on a Win10 PC has also a netmask set to 255.255.255.0 and he has full access.

[liaody]

pcap works

@BestVanRome 255.255.255.0 works if your PC's IP matches the sensor's IP after the netmask. Since our sensor has 2 bytes of assigned value, best practice is just to set 255.255.0.0. If for some reason you need to keep 255.255.255.0, you need to set your own IP to match sensors, which in this case is 192.168.69.x

[BestVanRome]

@liaody unfortunatly there is still no improvement. I try to find some Options, I can set, to adjust the firewall... maybe there is something wrong.

[BestVanRome]

 # /etc/default/ufw
#

# Set to yes to apply rules to support IPv6 (no means only IPv6 on loopback
# accepted). You will need to 'disable' and then 'enable' the firewall for
# the changes to take affect.
IPV6=yes

# Set the default input policy to ACCEPT, DROP, or REJECT. Please note that if
# you change this you will most likely want to adjust your rules.
DEFAULT_INPUT_POLICY="REJECT"

# Set the default output policy to ACCEPT, DROP, or REJECT. Please note that if
# you change this you will most likely want to adjust your rules.
DEFAULT_OUTPUT_POLICY="ACCEPT"

# Set the default forward policy to ACCEPT, DROP or REJECT.  Please note that
# if you change this you will most likely want to adjust your rules
DEFAULT_FORWARD_POLICY="DROP"

# Set the default application policy to ACCEPT, DROP, REJECT or SKIP. Please
# note that setting this to ACCEPT may be a security risk. See 'man ufw' for
# details
DEFAULT_APPLICATION_POLICY="SKIP"

# By default, ufw only touches its own chains. Set this to 'yes' to have ufw
# manage the built-in chains too. Warning: setting this to 'yes' will break
# non-ufw managed firewall rules
MANAGE_BUILTINS=no

#
# IPT backend
#
# only enable if using iptables backend
IPT_SYSCTL=/etc/ufw/sysctl.conf

# Extra connection tracking modules to load. IPT_MODULES should typically be
# empty for new installations and modules added only as needed. See
# 'CONNECTION HELPERS' from 'man ufw-framework' for details. Complete list can
# be found in net/netfilter/Kconfig of your kernel source. Some common modules:
# nf_conntrack_irc, nf_nat_irc: DCC (Direct Client to Client) support
# nf_conntrack_netbios_ns: NetBIOS (samba) client support
# nf_conntrack_pptp, nf_nat_pptp: PPTP over stateful firewall/NAT
# nf_conntrack_ftp, nf_nat_ftp: active FTP support
# nf_conntrack_tftp, nf_nat_tftp: TFTP support (server side)
# nf_conntrack_sane: sane support
IPT_MODULES=""

My ufw-config file. Don't see anything strange.

[liaody]

Not much more to offer, since you can capture on the same computer, there is really no reason for the viewer to not work. (routers and switches didn't block them). Can you load the pcap (convert from pcapng to pcap) on the same computer?

[BestVanRome]

How can I capture?
Did I miss something?

Ah I see, I converted it to pcap and now I can load it in the viewer.

But this still not solve the issue though.
I have an other idea. I think this might be a firewall problem, of ports. I have to check and will inform as soon as I tried out.

[BestVanRome]

Finally: My idea was right! I just added the allow rule to my Ubuntu-Firewall and voila! It works!

So the "ufw" needs the permission: sudo ufw allow 8808 which opens the port you are communicating over, right? What a coincidence, that I stumbled over it in your CeptonViewer.

However maybe, you should add that to your documentation for Ubuntu users. ;-)

[liaody]

Thanks for the ufw suggestion. We will definitely put it in the documentations. Hopefully we can get this into the next upcoming release. I'm closing this issue for now.