demolition_unit
asked on
cannot telnet on port 443 on LAN
HI Experts,
just got a little problem, i cannot telnet from my ISA server to my SMTP server on port 443.
I have allowed all access from isa to the smtp server on 443, but each time i try it, connection is refused
i can telnet from ISA box to the server on port 25 and port 80, but it refuses connection on port 443.
any suggestions?
just got a little problem, i cannot telnet from my ISA server to my SMTP server on port 443.
I have allowed all access from isa to the smtp server on 443, but each time i try it, connection is refused
i can telnet from ISA box to the server on port 25 and port 80, but it refuses connection on port 443.
any suggestions?
SMTP should be running on port 25... not 443. Unless you've changed it for some reason?
ASKER
let me clarify, i cannot telnet from a server called "ISA1" to a server called "smtp1" on port 443 (HTTPS)
both servers are on my LAN, if i telnet to "smtp1" on port 25 or 80 it works fine, but if i telnet on port 443 i get a connection refused...
both servers are on my LAN, if i telnet to "smtp1" on port 25 or 80 it works fine, but if i telnet on port 443 i get a connection refused...
Hi
on smtp1 can you run the following command
netstat -an | find ":443"
Is the server actually listening on port 433?
If it is can you connect locally via port 443 on Smpt1
In ISS manager: expand "web sites" node and right click on "default web site" and select properties.
Select "Directory security" tab , click edit under" ip address and domain name restrictions"
Is your ISA1 server IP address denied
Note: 443 wil not respond to get commands in the same way as on port 80.
on smtp1 can you run the following command
netstat -an | find ":443"
Is the server actually listening on port 433?
If it is can you connect locally via port 443 on Smpt1
In ISS manager: expand "web sites" node and right click on "default web site" and select properties.
Select "Directory security" tab , click edit under" ip address and domain name restrictions"
Is your ISA1 server IP address denied
Note: 443 wil not respond to get commands in the same way as on port 80.
You do know that port 443 is the SSL port right? I assume you are using telnet to check if the port is accepting connections. Have you tried telnetting to localhost 443 on the smtp1 server? If that works, try telnetting to the ip of smtp1 from smtp1 just to confirm it replies to both actions. If it works locally on smtp1 and not from the other host, there still is a problem with firewall/access rules
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
suggestionstick:
i've tried netstat -an | find ":443" on the server, and there are NO results, seems like it's not listening on 443
in IIS manager there is no default website, the only thing installed on this server is the SMTP service, so that's the only thing that can be seen in IIS mgr.
i've tried netstat -an | find ":443" on the server, and there are NO results, seems like it's not listening on 443
in IIS manager there is no default website, the only thing installed on this server is the SMTP service, so that's the only thing that can be seen in IIS mgr.
ASKER
groetting:
telnetting to localhost 443 on the smtp1 (and with the IP address) server does not work. i get a "connection failed" message
telnetting to localhost 443 on the smtp1 (and with the IP address) server does not work. i get a "connection failed" message
ASKER
Keith:
my mistake, on telnet i recieve a "connection failed" message. I have tried opening ISA up both ways, but that wont seem to fix the problem.
a netstat -an does not show 443 being listened to at all...
my mistake, on telnet i recieve a "connection failed" message. I have tried opening ISA up both ways, but that wont seem to fix the problem.
a netstat -an does not show 443 being listened to at all...
Hi
If the server Smtp1 is not listening on 443 then you will not be able to telnet to it no matter where you are, or what firewall rules you have in place.
I think you should focus on why 443 is not listening on SMTP1
Can you type the following command
netstat -anb | find ":80"
and copy/paste
thanks in advance
Trev
If the server Smtp1 is not listening on 443 then you will not be able to telnet to it no matter where you are, or what firewall rules you have in place.
I think you should focus on why 443 is not listening on SMTP1
Can you type the following command
netstat -anb | find ":80"
and copy/paste
thanks in advance
Trev
By default IIS doesn't listen on 443, only 80. You would actually have to set that up within IIS to get any type of listener on 443.
Hi
The previous command in my post, will not supply the information I need, sorry about that.
Run Instead
netstat -anb and manually locate port 80, I need the owner process just listed below the 0.0.0.0:80
example
TCP 0.0.0.0:80 0.0.0.0:0 LISTENING 1764
[inetinfo.exe]
Thanks in advance
Trev
The previous command in my post, will not supply the information I need, sorry about that.
Run Instead
netstat -anb and manually locate port 80, I need the owner process just listed below the 0.0.0.0:80
example
TCP 0.0.0.0:80 0.0.0.0:0 LISTENING 1764
[inetinfo.exe]
Thanks in advance
Trev
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Hi
he was refering to IIS manager, it only had SMTP service listed, he could be running a non IIS web server on the box. This is why I asked for a netstat -anb for port 80, as it will should the owner process.
Trev
he was refering to IIS manager, it only had SMTP service listed, he could be running a non IIS web server on the box. This is why I asked for a netstat -anb for port 80, as it will should the owner process.
Trev
ASKER
Hi Guys,
it turns out that i no longer need access to this server on port 443. we have decided to change our design.
i'm happy to increase the points to 250and split them amongst you guys :)
it turns out that i no longer need access to this server on port 443. we have decided to change our design.
i'm happy to increase the points to 250and split them amongst you guys :)