IIS 7 and Above
WebFarm requests logging
Last post Jun 20, 2018 02:22 PM by Yosh___
Jun 18, 2018 06:25 AM|Yosh___|LINK
I got an error while testing webfarm on one of my IIS servers.
OS -- Windows Server 2008R2, IIS -- 7.5.
Health check -- httpS://<host>:<port>/ping
Target server configured to use TLS1.2. I checked it connectivity with openssl, it does work.
TLS1.2 is switched on on IIS server through explicit setting keys in the registry. IIS check with openssl does show connectivity with TLS1.2.
Similar configuraiton on
2012R2 with IIS8.5 works fine. Even one 2008R2 server works fine.
Does anybody know how it is possible to trace webfarm requests?
Jun 19, 2018 05:02 AM|deepakpanchal10|LINK
You had asked that you got some error in using Web Farms,
I can see that you had mentioned that you are using IIS 7.5 on 2008 R2 and IIS 8.5 on 2012 R2.
But you said both working fine. I want to confirm with you that on which IIS you got this error.
If possible, Let us inform us about the error.
It can help us to narrow down the issue.
To trace the requests you can try to use Network Monitor.
Network Monitor 3.4 is the archive versioned tool for network traffic capture and protocol analysis. Download Microsoft Message Analyzer for updated parser support.
Microsoft Network Monitor 3.4 (archive)
Jun 19, 2018 08:03 AM|Yosh___|LINK
Thank you for reply.
Indeed, I have IIS8.5 on some 2012R2. And there is no issues there (all in one domain).
But also I have IIS7.5 on 2008R2 (in another domain) -- DEV, QA, UAT.
DEV and QA have IIS self-signed certificate. UAT -- Godaddy certificate.
DEV and UAT have the same set of fixpacks while QA slightly different:
KB2736422, KB2836942, KB2840631, KB2861698, KB2943357, KB2973112 are on DEV and UAT
KB2716513, KB3033929, KB3035126, KB3035132, KB3037574 are on QA.
Currently on all 3 web servers TLS1.2 explicitly permitted through registry for server and client communication (DisabledByDefault=0, Enabled=0xffffffff).
Health test with
on DEV and UAT failed with a message:
Cannot connect to the server. The HTTP status code is 0 and the error code is 80072F8F.
In unsecured environment it works as expected.
On QA health test passed for both cases: plain text and encrypted.
Jun 20, 2018 03:24 AM|deepakpanchal10|LINK
Did you try to make a test with Microsoft Network Monitor?
Does it help you to trace the request?
If you had did not make a test with it then try to make a test and let us know about the result.
We will try to provide further suggestions, If needed.
Jun 20, 2018 02:22 PM|Yosh___|LINK
First, Network Monitor is really very useful. And help a lot in understanding what is going and in what way. Definitely somebody may use WireShark. But Network Monitor is from Microsoft (that is a plus in many environments) and it is a handy tool. Thank
you a lot for that link.
Second, we were able to resolve an issue. For IIS7.5 we did the following:
This enabled TLS1.2 for our Cognos frontend. And again, this was verified with Network Monitor.