Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 454
  • Last Modified:

Cannot login using IP or Netbios Name, but can browse using local host

Team,

One of our client is using our application which has a web user interface.
The program runs on port 8014.  Usually, we should get the login screen when we type <IP:Port#> or <NetBIOS:Port#> or <LocalHost:Port# (while browsing from the local host)>

For this customer, we can browse this only using <LocalHost:Port#>.   This limits to open the webpage just from the local host.   We cannot access the Program from remote server because either <IP:Port#> or <NetBIOS:Port#> doesn't work.

Need help in debugging this issue.  Is there any utility which will get us to the problem area?

We are running the application on Windows 2008 R2 system and the application is using Tomcat.
0
santhoshu
Asked:
santhoshu
  • 5
  • 5
1 Solution
 
Giovanni HewardCommented:
Have you verified there isn't any software firewalls residing on the Windows 2008 R2 system which is blocking inbound 8014/TCP traffic?
0
 
santhoshuAuthor Commented:
Yes, I have checked that possibility.  No Software Firewalls are there.
0
 
Giovanni HewardCommented:
Have you tried connecting from a client on the same local subnet?  This will remove routing issues from the equation.
0
 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

 
Giovanni HewardCommented:
Obtain a packet capture (Wireshark) or monitor inbound connections (TCPView, netstat, etc.) to verify whether or not the HTTP request is actually making it to the web server.

When you did your local test, did you connect to localhost or 127.0.0.1 loopback address, or the actual local IP address on the LAN?  If the former, try connecting to the local LAN IP address.  Using TCPView, you can verify if the web service is listening and on what IP(s).  Perhaps it's only listening on 127.0.0.1 and not the LAN IP address.  Can you ping the web servers local LAN ip address from the server itself?  This will verify OSI layer 1 (physical), 2 (data-link), and 3 (network) are functional.  If OK, then try connecting to 8014/TCP via telnet/Putty, or your browser, to the LAN address to verify all layers are working.  Sometimes a client is experiencing browser issues, so it's best to manually connect via telnet/putty to eliminate that possibility from the equation.  Since your using a non-standard port, it's also feasible the client is preventing non-standard outbound requests.

You could also try connecting a client machine directly to the server using a cross-over cable.  This will eliminate network infrastructure from the equation.  Create a static hosts file entry on the client machine, just in case the web server is expecting a specific HTTP host header, or name resolution issues exist.  While very simple, have you tried rebooting the webserver as well?  It's always possible the service is experiencing issues related to memory leaks, instability, etc. which a reboot may address; especially if the service was working before and suddenly stopped responding, etc.
0
 
tmoore1962Commented:
Customer doesn't have and vlans configured on network?  Also verify that the network configuration, i.e. default gateway correct, can you ping the host server by IP and name?  Are there any routers / bridges between the host and remote?
0
 
santhoshuAuthor Commented:
There are no Vlans or routers
I am not able to access the application using IP:Port# even from the very same system.
0
 
santhoshuAuthor Commented:
Reboot, Host file entry all are done.  No luck.

I used fiddler and it shows the error as

[Fiddler] The socket connection to 192.168.1.2 failed. <br />ErrorCode: 10060
 . <br />A connection attempt failed because the connected party did not prope
 rly respond after a period of time, or established connection failed because
 connected host has failed to respond 192.168.1.2:8014
0
 
Giovanni HewardCommented:
Did you verify service is listening on 192.168.1.2 via TCPView on local machine?

NETSTAT method:
netstat -anob>"%userprofile%\desktop\netstat.txt"

Open in new window

Service may only be listening on 127.0.0.1; check web server config file to verify bind address(es).

You could also try forwarding the port via netsh:
netsh interface portproxy add v4tov4 listenport=8014 listenaddress=192.168.1.2 connectport=8014 connectaddress=127.0.0.1

Open in new window

See http://technet.microsoft.com/en-us/library/cc731068%28v=ws.10%29.aspx#BKMK_1
0
 
santhoshuAuthor Commented:
Thanks Giovanni and others.

Giovanni,

netsh interface portproxy add v4tov4 listenport=8014 listenaddress=192.168.1.2 connectport=8014 connectaddress=127.0.0.1

If the service is only listening to port 127.0.0.1, then the above command will forward the request to 192.168.1.2, correct?

I can run this netsh command and then try to use IP:Port# and try, correct?
0
 
Giovanni HewardCommented:
If the service is only listening to port 127.0.0.1, then the above command will forward the request to 192.168.1.2, correct?

I can run this netsh command and then try to use IP:Port# and try, correct?

Yes that's correct; from an elevated privileged command prompt (Run cmd.exe as Administrator)

To list and remove:
netsh interface portproxy show all
netsh interface portproxy delete v4tov4 listenport=8014 listenaddress=192.168.1.2

Would be best to ensure web server config file is properly configured to listen on all IPs (generally expressed as 0.0.0.0) or 192.168.1.2 directly.

TOMCAT-HOME/conf/server.xml

See http://www.mulesoft.com/tcat/tomcat-connectors

(E.g. add address="0.0.0.0" to Connector string)
0
 
santhoshuAuthor Commented:
I tried netsh interface portproxy add v4tov4 listenport=8014 listenaddress=192.168.1.2 connectport=8014 connectaddress=127.0.0.1


No Luck....
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 5
  • 5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now