I have three Windows hosts on the same private LAN, each hosting an IIS default website. One host is running Windows 7 Pro, while the other two are running Windows 8.1 Update Version 6.3 (Build 9600).
Other computers on the local subnet can open the default website on each of the 3 hosts by entering each host's private IP address in a browser.
However, when I Port Forward port 80 on a gateway router in turn to each of the 3 hosts private IP address, then enter the public IP of the gateway router into a browser on a computer outside of the private network, only the Windows 7 host displays its default website.
When Port 80 is forwarded to either of the two Windows 8.1 Update hosts, the browser reports "This webpage is not available. Details: The host took too long to respond." Additionally, no record of the request appears in "C:\inetpub\logs\LogFiles\W3SVC1\u_exYYMMDD.log" on the host.
All three hosts have their Windows Firewall Inbound Rule "World Wide Web Services (HTTP Traffic-In)" set to Profile: All, Enabled: Yes, Action: Allow, Override: No, Program: System, Local Address: Any, Remote Address: Any, Protocol: TCP, Local Port: 80, Remote Port: Any, Authorized Users: Any, Authorized Computers: Any, Authorized Local Principles: Any, Local User Owner: Any, Application Package: Any.
Furthermore, disabling both Windows Firewall and Windows Defender made no difference. I have not installed any other security or firewall systems.
It appears that something is preventing port 80 requests from public ip addresses from reaching Windows 8.1 Update IIS. Yet the success on Windows 7 demonstrates that the gateway router is properly forwarding outside traffic to the assigned IP address.
What could be blocking the public ip port 80 requests to Windows 8.1 IIS, and how can I correct it?
Problem solved. It turned out the cause was Check Point VPN v98.60.202, from Check Point Software Technologies. I had installed this software to connect to a corporate client's internal network.
I suspected this was the cause because of how VPNs work, so I had previously closed the VPN software, but that didn't solve the problem. I actually needed to completely uninstall the Check Point VPN software and reboot the computer to remove the hooks it makes into the Operating System's TCP/IP stack. That allowed IP addresses outside of the host's subnet to again be served by IIS 8.5.
Related
I have setup a Virtualbox with a Linux environment running a web server. The host is running Windows 7, and I can access the web served by the server in the virtual machine from the host's browser.
However, I would like to be able to access this web server from another computer; say, a colleague on the same network that the host is in. Is there a way of doing so?
Summary:
Host (win7) interfaces:
- 172.16.1.15 (internet facing)
- 192.168.55.1 (VM facing)
Guest (linux with web server running) interface:
- 192.168.55.2
Web server is reachable from Host (through 192.168.55.1 - 192.168.55.2 interface)
Web server is NOT reachable from other computer on 172.16.1.X network.
Can you guys help me out on what I may be able to do in order to achieve this?
Thank you!
Well, despite downvotes without any kind of explanation why (thank you!), I have found a way of doing what I intended on Virtualbox settings:
On machine, right click, Settings > Network > Advanced > Port forwarding, and then, fill with corresponding data, i.e.:
host ip could be 0.0.0.0,
host port should be the port other users will use to access your computer (and thus the VM),
guest ip is the VM ip, and
guest port should be 80 if it is a web server typically).
Thank you, hope this helps to the next one running into this!
I and unable to RDP Azure VM on my corporate network using "DNS:Port" (like vmname.cloudapp.net:3389). It works fine on my home network, which means, endpoints are set correctly.
However, it was possible to RDP VM using Public IP but not anymore. With public IP, I was able to RDP VM on my corporate network, but not sure this has restricted recently?
Any way of to access a VM using Public IP rather DNS:Port format?
Thanks
It is common for enterprise IT to block outbound ports because some argue this provides better security. I don't think this necessarily makes sense, but here's what you can do to verify. As a best practice, always connect to Windows Azure VMs using DNS names rather than IP addresses because the addresses are subject to change, while DNS names will not.
1 Confirm the port you're trying to connect to. By default, Windows Azure assigns a port in the dynamic range (49152–65535) for Remote Desktop, which is mapped internally to the usual RDP port 3389. You can see which one this is by checking your VM endpoint public port in the Windows Azure portal (Select Virtual Machines > Your VM > Endpoints tab > RemoteDesktop entry). You need to connect using this port after the name (using the Connect button in the portal gives you an RDP shortcut file that does this for you). If my public port is 62472, I put this in the Remote Desktop Connection computer field:
percepten-VM1.cloudapp.net:62472
If you like, you can edit the public port here in the portal using the "Edit the endpoint" option on the RemoteDesktop entry. That way you can make it 3389 if your IT department asks you for a single port number to allow outbound.
2 Test your DNS resolution to your VM using nslookup or ping. If you get "non-existent domain", then your corporate DNS is blocking Windows Azure resolution. This is what you want to see:
>nslookup percepten-vm1.cloudapp.net
Non-authoritative answer:
Name: percepten-vm1.cloudapp.net
Address: 157.56.182.135
3 If you can resolve DNS, then try using an outbound port scan tool to verify port 3389 is allowed out. I found a nice one at portquiz.positon.org. To use, open the site with a port appended in the URL. In this case, open "http://portquiz.positon.org:3389". You should see this on the page:
Outgoing port tester
This server listens on all TCP ports, allowing you to test any
outbound TCP port. You have reached this page on port 3389.
...
4 If you receive "page not available", then the port is blocked. Try contacting IT to ask them to open port 3389 (or the entire dynamic range if you're feeling ambitious). If they want to open it only to specific places on the Internet, provide them this list of all Windows Azure IP address ranges:
Windows Azure Datacenter IP Address Ranges
Hope that helps!
Noah Stahl
Percepten
I completed a jsp project and I would like to make it available through the Internet. I opened the port 8084 to my router and I tried to reach the URL mypublicIP:8084, but nothing happens. I also have disabled the windows firewall and I'm not using any other firewalls. Thank you.
You must configure your router to forward the internet request to the particular computer that's running Tomcat. You do this by supplying the router with your computer's IP address which is different from what you're calling "mypublicIP". In my Linksys router configuration web application it's call Port Range Forwarding.
I run an ASP.NET Development Server (that came with MS Visual Studio 2010) on my Windows 7 machine. I'm currently developing an ASP.NET C# web application and to test it on Windows 7 machine I need to navigate my web browser to an address like this:
http://localhost:59215/Default.aspx
I also have the VMware Workstation 8 installed on that Windows 7 with other OS as virtual machines. I need to try to load my web app from those virtual machines, but when I type the above address there I get "Cannot display page" error in a browser. Note that I can access internet from a virtual machine itself, but for some reason localhost on the main machine is not accessible.
Any ideas how to set this up?
OK, I got it!
For those who're interested, here's how:
Say, my developement URL on the host computer is:
http://localhost:59215/Default.aspx
Download this util, called tcpTrace and run it on a host machine. When it starts configure it as follows:
Listen to port #: 80
Destination Server: localhost
Destination Port #: 59215 (which will be different in your case)
Click OK and let tcpTrace run on the host computer.
On the virtual machine navigate the browser to the IP address of the host computer, for instance in my case:
http://192.168.0.4/Default.aspx
and it will work!
PS. To get an IP address on the host machine, run ipconfig there (in a command prompt window). Your IP will be presented in the "IPv4 Address" line for network you're connected on.
PS2. Also my Windows 7 (host) doesn't come with any third-party anti-virus or firewall. It has a built-in Windows firewall and MS Security Essentials as an AVP. So if your setup is different one needs to open the incoming port 80.
PS3. Speaking of the VMWare Workstation, the virtual machine's network adapter setting is set on "NAT: Used to share the host's IP address" as it came out-of-box when you install it.
localhost is the local machine (to the OS).
I'm not sure if the VS dev server will allow external connections, you may want to install IIS - either way, you'll have to open up the Windows Firewall to allow external connections.
I'm no VMWare user but each OS will have its own IP address(?) - and that's how you'd connect to the Windows 7/IIS image. http://the.ip.address.of.the.win7.image/
I have a problem accessing my website created using Visual Studio on my local pc.
The pc is using Windows 7 and a static ip address has been configured. I have added a hostname "192.168.0.1 hosts myweb.mylocal.com" on c:\windows\system32\driver\etc.
On IIS I have configured the binding myweb.mylocal.com with impersonation set enabled and windows authentication is enabled.
The user login just keeps prompting even though I have entered the correct username and password.
Yea 192...* is router reserved IP.
I had the same issues with Windows 7 and and its due to IPV6.
Try disabling the IPv6 Protocol in "Control Panel\Network and Internet\Network Connections" and right clicking your stablished connection to your router, unticking the IPv6 and leaving the IPv4 selected to see if that will make a difference.;
Your local IP is more than likly :::1 or something along then lines!
-- Update
Where you have set you ip 192.168.0.1 to route to your local domain, try setting it to 127.0.0.1 so that it loops to itself and not via the gateway, Or you can leave it as it is and add the rule to your router to send traffic from the HTTP Port 80 to your PC.