Solved

Cannot use SSL port  443 From 2008 server Cannot connect to any ssl web site.

Posted on 2011-02-15
11
3,683 Views
Last Modified: 2016-03-20
I have a very strange issue with a 2008 server I first noticed this problem when Mozy backup which is used for some files stopped working. I then found I could not reach any ssl site or even the internal interface of my sonicwall. I have run wireshark and found 443 bound to  the system process.  When I try and access a ssl site I can see a SYN going out to 443 then ,a return SYN with: Header checksum: 0x0000 [incorrect, should be 0x2dec] RST packet and so on. I have been trying to identify what on the server is causing this conflict.  Any Ideas?
0
Comment
Question by:Mike000001
  • 5
  • 3
  • 2
  • +1
11 Comments
 
LVL 33

Expert Comment

by:paulmacd
Comment Utility
Might be malware, but more likely something in the Firewall?
0
 
LVL 76

Expert Comment

by:Alan Hardisty
Comment Utility
What router / firewall do you have?  Some grab port 443 for remote management of the router itself, so you may need to reconfigure the port for remote management if the router.

Test for port 443 on www.canyouseeme.org to see if it is open and listening.
0
 

Author Comment

by:Mike000001
Comment Utility
Cant be the firewall because I would be able to access the inside interface via ssl
I also changed the owa port to 444 and tried stopping every service I could.


0
 
LVL 33

Assisted Solution

by:paulmacd
paulmacd earned 200 total points
Comment Utility
I'm wondering if the problem is on the server, not the Sonicwall.  Do you have the Windows Firewall turned off on the server?  Are you running anything in its place?
0
 
LVL 76

Expert Comment

by:Alan Hardisty
Comment Utility
Re-run the Fix My Network Wizard.
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 32

Accepted Solution

by:
it_saige earned 300 total points
Comment Utility
Go to the command prompt on the server and type in the following:

netstat -aon | find ":443"

This will provide a list of the process' that are using 443 on the server.  The PID can be used to find the process specifically in Task Manager that is using the port in question.

If it turns out to be something like lsass.exe or svchost.exe or rundll.exe , then you will need to use processexplorer from the SysInternals Pack to really determine the application.

ProcessExplorer can be found here: http://technet.microsoft.com/en-us/sysinternals/bb896653

HTH,

-saige-
0
 

Author Comment

by:Mike000001
Comment Utility
Everything points to the server it seems. I have the firewall off and symantec endpoint 12 disabled. IIS too
0
 

Author Comment

by:Mike000001
Comment Utility
TCP    0.0.0.0:443            0.0.0.0:0              LISTENING       4
 TCP    [::]:443               [::]:0                 LISTENING       4

process 4 is system



0
 
LVL 76

Expert Comment

by:Alan Hardisty
Comment Utility
Have you re-run the fix my network wizard again yet?
0
 

Author Comment

by:Mike000001
Comment Utility
Hello  

I have run network wizard repair

I used netsh to reset the tcp\IP config to the defaults, this worked

Seems something messed up the IP stack  http://support.microsoft.com/kb/299357

note the commands are different for 2008

0
 

Author Closing Comment

by:Mike000001
Comment Utility
I solved it myself
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Redirected folders in a windows domain can be quite useful for a number of reasons, one of them being that with redirected application data, you can give users more seamless experience when logging into different workstations.  For example, if a use…
You might have come across a situation when you have Exchange 2013 server in two different sites (Production and DR). After adding the Database copy in ECP console it displays Database copy status unknown for the DR exchange server. Issue is strange…
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now