Hi All, I've got iis running on a dedicated line, the site works fine from local host, but not from internet clients. Log files don't show requests from external nets, I've been using wireshark to try and pinpoint the problem but I've come up empty. The HTTP
request come in just fine but the server just ignores them. Any ideas? Thanks -Alex
Can you please define "ignores them". What do you see?
We need the following information:
- How you access the website from the Internet (port, domain name, and any other important information. You may edit these if you do not want to share the real domain name, but please be consistent when editing something)
- All bindnings in IIS
I am specifially looking for a scenario where you have a bindning that works internally (such as localhost, or internal IP address), but does not work externally. Hence when you access the website from an external resource, IIS does not know which website
should handle the request, and "does nothing".
(I will be back in 10 hours, so anyone that can continue helping you are welcome to do so, so you can get an appropriate and fast answer)
Thanks for the quick reply. The site is bound to a domain name, which is resolved via dyndns. By "ignored" I mean I can see the request coming in via http but the server fails to respond. I can pull the site up via its domain name from the server but not from
a remote machine, which leads me to believe that all the bindings are correct.
- Set Host to <yourDomainNameHere>
- Set Path to /doesThisLogAnywhere.htm (yes, i want you to have exactly this string, so we can find it easily in the logfiles(s).
- Make a request from the remote machine.
- Wait for the response.
- Paste the complete request and response.
- Make a request from the local machine.
- Wait for the response.
- Paste the complete request and response.
You may edit the IP addressen, but please be consequent, because it is crucial to compare the IP addresses.
- Wait some time, so IIS can flush the respons to the log file. I don't know the value of the setting right now, but say 30 minutes and we should be fine.
- Check the log file for the website that should handle the request and see if there is anything logged. The log file is located in the following location (by default), C:\inetpub\logs\LogFiles\W3SVC[WebsiteId]\ where [WebsiteId] is the website id. If everything
is correct, you should have two requests for /doesThisLogAnywhere.htm. Do you have that, or only one?
- Check the log file for HTTP API, which is located here: C:\Windows\System32\LogFiles\HTTPERR\httperr1.log (replease 1 with the highest number, if there are more than one file). Do you see a matching request? (On my machine, the time is not correct, it differs
by several hours compared to the system clock, so please just compare the minute part of the time)
Remote: started....WWWConnect::Connect("tpi.homelinux.net","80")\n0x2749 (A request to send or receive data was disallowed because the socket is not connected and (when sending on a datagram socket using a sendto call) no address was supplied.): connect()finished.
Local: started....WWWConnect::Connect("tpi.homelinux.net","80")\nIP = "207.181.211.149:80"\nsource port: 49849\r\n REQUEST: **************\nGET /doesthisloglocal.htm HTTP/1.1\r\n Host: tpi.homelinux.net\r\n Accept: */*\r\n \r\n RESPONSE: **************\nHTTP/1.1
404 Not Found\r\n Cache-Control: private\r\n Content-Type: text/html; charset=utf-8\r\n Server: Microsoft-IIS/7.0\r\n X-Powered-By: ASP.NET\r\n Date: Sun, 11 Jul 2010 19:21:06 GMT\r\n Content-Length: 5171\r\n \r\n \n \n \n \n \n \n \n \n<div id="header">
We have some key information in your post. Nslookup tells us that name resolution works, so we can rule out that. WFetch from the remote machine tells us that the client was never connected to the server. Is it possible that the remote machine you used,
need to use a proxy?
httperr.log indicate that there were nothing logged from the remote machine, but from the local machine (the last entry). What is interesting however, is that we can see old requests from the remote machine. This tells us that http.sys did receive a request
from a remote machine, but the request was somehow malformed.
I assume that the request was indeed valid, which should then indicate that something in between the client and server, changes the request.
Can you please see what you get when you configure WFetch properly (you probably need to set a proxy if you use that on the remote machine)? If you get a connection, check httperr.log again and see what http.sys does with the request. If you don't get a
connection, but another error in WFetch, please paste the new error.
Thats the conclusion I drew as well, there is not a proxy in place, and the remote (my dev machine) is connected directly to the internet. I'm really puzzled on this one. The only thing I can come up with is that it is a fresh (and therefor unactivated) copy
of windows server...
What makes me puzzled is that you have entries in httperr.log from the remote machine, but now we cannot connect, thus nothing is logged.
I have one last thing to try, but i am really running out of ideas since you see the request in WireShark. The website we are trying to connect to, does it bind to a specific IP address, or does it bind to "all unassigned"? Because if no website bind to
the IP address we are trying to connect to (no matter host header), we will not be able to connect to IIS.
Is the firewall enabled on the server? Does it block HTTP? It should not be blocked if we can see the request in WireShark, but perhaps that tool hook up to the network before the firewall (it sounds strange though).
Just bound it to another port, it works fine on that port so we'll use that for now. Thanks for you help. UPDATE: RCN (apparently) filters outbound connection on port 80 for non-static ip addresses.
aosmith
6 Posts
Configuration problem / port 80 filtering
Jul 10, 2010 07:11 PM|LINK
iis Local Subnet connection
KristoferG
1343 Posts
Moderator
Re: Configuration problem / port 80 filtering
Jul 10, 2010 08:05 PM|LINK
Can you please define "ignores them". What do you see?
We need the following information:
- How you access the website from the Internet (port, domain name, and any other important information. You may edit these if you do not want to share the real domain name, but please be consistent when editing something)
- All bindnings in IIS
I am specifially looking for a scenario where you have a bindning that works internally (such as localhost, or internal IP address), but does not work externally. Hence when you access the website from an external resource, IIS does not know which website should handle the request, and "does nothing".
(I will be back in 10 hours, so anyone that can continue helping you are welcome to do so, so you can get an appropriate and fast answer)
http://www.it-notebook.org
aosmith
6 Posts
Re: Configuration problem / port 80 filtering
Jul 10, 2010 08:12 PM|LINK
KristoferG
1343 Posts
Moderator
Re: Configuration problem / port 80 filtering
Jul 11, 2010 04:40 AM|LINK
Please do the following, with WFetch:
- Set Host to <yourDomainNameHere>
- Set Path to /doesThisLogAnywhere.htm (yes, i want you to have exactly this string, so we can find it easily in the logfiles(s).
- Make a request from the remote machine.
- Wait for the response.
- Paste the complete request and response.
- Make a request from the local machine.
- Wait for the response.
- Paste the complete request and response.
You may edit the IP addressen, but please be consequent, because it is crucial to compare the IP addresses.
- Wait some time, so IIS can flush the respons to the log file. I don't know the value of the setting right now, but say 30 minutes and we should be fine.
- Check the log file for the website that should handle the request and see if there is anything logged. The log file is located in the following location (by default), C:\inetpub\logs\LogFiles\W3SVC[WebsiteId]\ where [WebsiteId] is the website id. If everything is correct, you should have two requests for /doesThisLogAnywhere.htm. Do you have that, or only one?
- Check the log file for HTTP API, which is located here: C:\Windows\System32\LogFiles\HTTPERR\httperr1.log (replease 1 with the highest number, if there are more than one file). Do you see a matching request? (On my machine, the time is not correct, it differs by several hours compared to the system clock, so please just compare the minute part of the time)
http://www.it-notebook.org
aosmith
6 Posts
Re: Configuration problem / port 80 filtering
Jul 11, 2010 05:27 PM|LINK
Server Error in Application "TPI-SERVER"
</div> \n<div id="server_version">Internet Information Services 7.0
</div> \n<div id="content"> \n<div class="content-container"> \n \n</div> \n<div class="content-container"> \n \n</div> \n<div class="content-container"> \n \n</div> \n<div class="content-container"> \n \n</div> \n \n \n<div class="content-container"> \n \n</div> \n</div> \n \n \nfinished. and from the remote machine: C:\Users\Administrator>nslookup tpi.homelinux.net Server: imapsrv01.imagemap.local Address: 172.16.1.111 Non-authoritative answer: Name: tpi.homelinux.net Address: 207.181.211.149 Here's the logfile for today (pretty short): #Software: Microsoft Internet Information Services 7.0 #Version: 1.0 #Date: 2010-07-11 19:21:07 #Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status time-taken 2010-07-11 19:21:07 207.181.211.149 GET /doesthisloglocal.htm - 80 - 207.181.211.149 - 404 0 2 1875 HTTP API Log: #Software: Microsoft HTTP API 2.0 #Version: 1.0 #Date: 2010-07-10 00:16:45 #Fields: date time c-ip c-port s-ip s-port cs-version cs-method cs-uri sc-status s-siteid s-reason s-queuename 2010-07-10 00:16:45 207.181.211.149 49161 207.181.211.149 80 - - - - - Timer_ConnectionIdle - 2010-07-10 00:24:20 207.181.211.149 49194 207.181.211.149 80 - - - - - Timer_ConnectionIdle - 2010-07-10 20:21:30 207.181.211.149 49331 207.181.211.149 80 - - - - - Timer_ConnectionIdle - 2010-07-10 20:24:10 207.181.211.149 49379 207.181.211.149 80 - - - - - Timer_ConnectionIdle - 2010-07-10 20:29:05 207.181.211.149 49444 207.181.211.149 80 - - - - - Timer_ConnectionIdle - 2010-07-10 20:36:30 207.181.211.149 49446 207.181.211.149 80 - - - - - Timer_ConnectionIdle - 2010-07-10 20:53:55 68.254.116.142 63925 207.181.211.149 5357 - - - 400 - BadRequest - 2010-07-10 20:53:55 68.254.116.142 63937 207.181.211.149 5357 HTTP/1.0 GET / 503 - N/A - 2010-07-10 20:54:43 68.254.116.142 64050 207.181.211.149 5357 HTTP/1.1 GET /robots.txt 503 - N/A - 2010-07-10 20:54:43 68.254.116.142 64051 207.181.211.149 5357 HTTP/1.1 GET / 503 - N/A - 2010-07-10 20:54:43 68.254.116.142 64052 207.181.211.149 5357 HTTP/1.1 GET / 503 - N/A - 2010-07-10 20:54:43 68.254.116.142 64053 207.181.211.149 5357 HTTP/1.1 GET / 503 - N/A - 2010-07-10 20:54:43 68.254.116.142 64054 207.181.211.149 5357 HTTP/1.1 GET /favicon.ico 503 - N/A - 2010-07-10 22:12:55 207.181.211.149 49481 207.181.211.149 80 - - - - - Timer_ConnectionIdle - 2010-07-11 19:23:16 207.181.211.149 49849 207.181.211.149 80 - - - - - Timer_ConnectionIdle - (68.254.116.142 is the remote IP).KristoferG
1343 Posts
Moderator
Re: Configuration problem / port 80 filtering
Jul 12, 2010 05:32 AM|LINK
We have some key information in your post. Nslookup tells us that name resolution works, so we can rule out that. WFetch from the remote machine tells us that the client was never connected to the server. Is it possible that the remote machine you used, need to use a proxy?
httperr.log indicate that there were nothing logged from the remote machine, but from the local machine (the last entry). What is interesting however, is that we can see old requests from the remote machine. This tells us that http.sys did receive a request from a remote machine, but the request was somehow malformed.
I assume that the request was indeed valid, which should then indicate that something in between the client and server, changes the request.
Can you please see what you get when you configure WFetch properly (you probably need to set a proxy if you use that on the remote machine)? If you get a connection, check httperr.log again and see what http.sys does with the request. If you don't get a connection, but another error in WFetch, please paste the new error.
http://www.it-notebook.org
aosmith
6 Posts
Re: Configuration problem / port 80 filtering
Jul 12, 2010 05:42 AM|LINK
KristoferG
1343 Posts
Moderator
Re: Configuration problem / port 80 filtering
Jul 12, 2010 06:23 AM|LINK
What makes me puzzled is that you have entries in httperr.log from the remote machine, but now we cannot connect, thus nothing is logged.
I have one last thing to try, but i am really running out of ideas since you see the request in WireShark. The website we are trying to connect to, does it bind to a specific IP address, or does it bind to "all unassigned"? Because if no website bind to the IP address we are trying to connect to (no matter host header), we will not be able to connect to IIS.
Is the firewall enabled on the server? Does it block HTTP? It should not be blocked if we can see the request in WireShark, but perhaps that tool hook up to the network before the firewall (it sounds strange though).
http://www.it-notebook.org
aosmith
6 Posts
Re: Configuration problem / port 80 filtering
Jul 12, 2010 03:10 PM|LINK
aosmith
6 Posts
Re: Configuration problem / port 80 filtering
Jul 12, 2010 03:13 PM|LINK