Solved

Cannot login using IP or Netbios Name, but can browse using local host

Posted on 2014-04-07
11
450 Views
Last Modified: 2014-05-05
Team,

One of our client is using our application which has a web user interface.
The program runs on port 8014.  Usually, we should get the login screen when we type <IP:Port#> or <NetBIOS:Port#> or <LocalHost:Port# (while browsing from the local host)>

For this customer, we can browse this only using <LocalHost:Port#>.   This limits to open the webpage just from the local host.   We cannot access the Program from remote server because either <IP:Port#> or <NetBIOS:Port#> doesn't work.

Need help in debugging this issue.  Is there any utility which will get us to the problem area?

We are running the application on Windows 2008 R2 system and the application is using Tomcat.
0
Comment
Question by:santhoshu
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 5
11 Comments
 
LVL 15

Expert Comment

by:Giovanni Heward
ID: 39983530
Have you verified there isn't any software firewalls residing on the Windows 2008 R2 system which is blocking inbound 8014/TCP traffic?
0
 
LVL 10

Author Comment

by:santhoshu
ID: 39983534
Yes, I have checked that possibility.  No Software Firewalls are there.
0
 
LVL 15

Expert Comment

by:Giovanni Heward
ID: 39983540
Have you tried connecting from a client on the same local subnet?  This will remove routing issues from the equation.
0
Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as the high-speed power of the cloud.

 
LVL 15

Expert Comment

by:Giovanni Heward
ID: 39983550
Obtain a packet capture (Wireshark) or monitor inbound connections (TCPView, netstat, etc.) to verify whether or not the HTTP request is actually making it to the web server.

When you did your local test, did you connect to localhost or 127.0.0.1 loopback address, or the actual local IP address on the LAN?  If the former, try connecting to the local LAN IP address.  Using TCPView, you can verify if the web service is listening and on what IP(s).  Perhaps it's only listening on 127.0.0.1 and not the LAN IP address.  Can you ping the web servers local LAN ip address from the server itself?  This will verify OSI layer 1 (physical), 2 (data-link), and 3 (network) are functional.  If OK, then try connecting to 8014/TCP via telnet/Putty, or your browser, to the LAN address to verify all layers are working.  Sometimes a client is experiencing browser issues, so it's best to manually connect via telnet/putty to eliminate that possibility from the equation.  Since your using a non-standard port, it's also feasible the client is preventing non-standard outbound requests.

You could also try connecting a client machine directly to the server using a cross-over cable.  This will eliminate network infrastructure from the equation.  Create a static hosts file entry on the client machine, just in case the web server is expecting a specific HTTP host header, or name resolution issues exist.  While very simple, have you tried rebooting the webserver as well?  It's always possible the service is experiencing issues related to memory leaks, instability, etc. which a reboot may address; especially if the service was working before and suddenly stopped responding, etc.
0
 
LVL 10

Expert Comment

by:tmoore1962
ID: 39983730
Customer doesn't have and vlans configured on network?  Also verify that the network configuration, i.e. default gateway correct, can you ping the host server by IP and name?  Are there any routers / bridges between the host and remote?
0
 
LVL 10

Author Comment

by:santhoshu
ID: 39983737
There are no Vlans or routers
I am not able to access the application using IP:Port# even from the very same system.
0
 
LVL 10

Author Comment

by:santhoshu
ID: 39983753
Reboot, Host file entry all are done.  No luck.

I used fiddler and it shows the error as

[Fiddler] The socket connection to 192.168.1.2 failed. <br />ErrorCode: 10060
 . <br />A connection attempt failed because the connected party did not prope
 rly respond after a period of time, or established connection failed because
 connected host has failed to respond 192.168.1.2:8014
0
 
LVL 15

Accepted Solution

by:
Giovanni Heward earned 500 total points
ID: 39983833
Did you verify service is listening on 192.168.1.2 via TCPView on local machine?

NETSTAT method:
netstat -anob>"%userprofile%\desktop\netstat.txt"

Open in new window

Service may only be listening on 127.0.0.1; check web server config file to verify bind address(es).

You could also try forwarding the port via netsh:
netsh interface portproxy add v4tov4 listenport=8014 listenaddress=192.168.1.2 connectport=8014 connectaddress=127.0.0.1

Open in new window

See http://technet.microsoft.com/en-us/library/cc731068%28v=ws.10%29.aspx#BKMK_1
0
 
LVL 10

Author Comment

by:santhoshu
ID: 39983879
Thanks Giovanni and others.

Giovanni,

netsh interface portproxy add v4tov4 listenport=8014 listenaddress=192.168.1.2 connectport=8014 connectaddress=127.0.0.1

If the service is only listening to port 127.0.0.1, then the above command will forward the request to 192.168.1.2, correct?

I can run this netsh command and then try to use IP:Port# and try, correct?
0
 
LVL 15

Expert Comment

by:Giovanni Heward
ID: 39983884
If the service is only listening to port 127.0.0.1, then the above command will forward the request to 192.168.1.2, correct?

I can run this netsh command and then try to use IP:Port# and try, correct?

Yes that's correct; from an elevated privileged command prompt (Run cmd.exe as Administrator)

To list and remove:
netsh interface portproxy show all
netsh interface portproxy delete v4tov4 listenport=8014 listenaddress=192.168.1.2

Would be best to ensure web server config file is properly configured to listen on all IPs (generally expressed as 0.0.0.0) or 192.168.1.2 directly.

TOMCAT-HOME/conf/server.xml

See http://www.mulesoft.com/tcat/tomcat-connectors

(E.g. add address="0.0.0.0" to Connector string)
0
 
LVL 10

Author Comment

by:santhoshu
ID: 40026607
I tried netsh interface portproxy add v4tov4 listenport=8014 listenaddress=192.168.1.2 connectport=8014 connectaddress=127.0.0.1


No Luck....
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this blog we highlight approaches to managed security as a service.  We also look into ConnectWise’s value in aiding MSPs’ security management and indicate why critical alerting is a necessary integration.
This article explains the fundamentals of industrial networking which ultimately is the backbone network which is providing communications for process devices like robots and other not so interesting stuff.
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Suggested Courses
Course of the Month5 days, 21 hours left to enroll

627 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question