#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2014
    Posts
    5
    Rep Power
    0

    Question can not access the IIS7 webpage from specific subnet


    Hello everyone

    Here is my problem: Windows server 2008 R2 with IIS7 installed and using default port 80. I have 3 test clients which contact the server to download and install updates.
    • Client1 is on the same subnet as the server (xxx.xx.30.xx) and it has access to the IIS7 webpage
    • Client2 is on subnet 52 and it can access the IIS7 webpage
    • Client3 is on subnet 25 and it can not access the IIS7 webpage


    It looks like a network problem, something is blocking access to IIS7 from the 25 subnet but I don't know how to troubleshoot it. Could someone please help me? Any suggestions are welcomed, these are test machines.

    Thank you for your time.
  2. #2
  3. No Profile Picture
    Grumpier old Moderator
    Devshed Supreme Being (6500+ posts)

    Join Date
    Jun 2003
    Posts
    14,565
    Rep Power
    4550
    How exactly are you accessing the server? If you're simply trying to open an html page and it fails, you may have a routing problem or a firewall problem. If you're trying to reach a vhost make sure the dns resolves to the web url properly.
    ======
    Doug G
    ======
    I've never been able to appreciate the sublime arrogance of folks who feel they were put on earth just to save other folks from themselves .." - Donald Hamilton
  4. #3
  5. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2014
    Posts
    5
    Rep Power
    0
    Hi Doug G

    I open Firefox and type the FQDN of the server in the browsing tab but on Client3 machine I get the connection has timed out error. While on the other 2 machines I can see the IIS7 webpage.

    Client3 can ping the FQDN and the IP of the server. I disabled the firewall on my server and tried again but with no joy.

    I checked if port 80 is listening:

    Code:
    PS C:\Users\Administrator> netstat -ab
    
    Active Connections
    
    
    Proto Local AddressTCP Foreign Address State PID
    TCP 0.0.0.0:23 KARIOLA:0 LISTENING 1400
    tlntsrv.exe
    TCP 0.0.0.0:80 KARIOLA:0 LISTENING 4
    Can obtain ownership information
    I also tried telnet from to the server but it can not establish a connection:
    Code:
    C:\Windows\system32> telnet <IP> 80
    Connecting To <IP>...Could not open connection to the host, on port 80: Connect failed
    Code:
    C:\Windows\system32> telnet <IP> 23
    Connecting To <IP>...Could not open connection to the host, on port 23: Connect failed
    Is there anything else I could investigate?
    If you have any more suggestions please let me know.

    Many thanks
  6. #4
  7. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2008
    Posts
    144
    Rep Power
    13
    Can you ping the (xxx.xx.30.xx) subnet from client 25? Have you tried to access the webpage using both its FQDN and its IP address?
  8. #5
  9. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2014
    Posts
    5
    Rep Power
    0
    Hi

    Yes I have tried both the FQDN and the IP address of the server but "Connection times out".
    However I can ping both of them.
  10. #6
  11. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2014
    Posts
    5
    Rep Power
    0
    Hi

    Yes I have tried both the FQDN and the IP address of the server but "Connection times out".
    However I can ping both of them.
  12. #7
  13. No Profile Picture
    Grumpier old Moderator
    Devshed Supreme Being (6500+ posts)

    Join Date
    Jun 2003
    Posts
    14,565
    Rep Power
    4550
    Are these machine subnets on the same local network? If any are coming in from the internet maybe your isp is blocking http on the failing machine. Your server firewall appears correct since other sites can access the web server.

    Otherwise review firewall settings on the failing machine, perhaps it is configured to disallow remote http access. If you have any proxy servers in between check them too.
    ======
    Doug G
    ======
    I've never been able to appreciate the sublime arrogance of folks who feel they were put on earth just to save other folks from themselves .." - Donald Hamilton
  14. #8
  15. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2014
    Posts
    5
    Rep Power
    0
    Yes they are on the same local network. I can confirm there are no proxies.
    However, I found out that there is a router in between. I will request to check ACL rules on it.
  16. #9
  17. No Profile Picture
    Grumpier old Moderator
    Devshed Supreme Being (6500+ posts)

    Join Date
    Jun 2003
    Posts
    14,565
    Rep Power
    4550
    You'll probably need to visit the router settings to forward the http port through the router.
    ======
    Doug G
    ======
    I've never been able to appreciate the sublime arrogance of folks who feel they were put on earth just to save other folks from themselves .." - Donald Hamilton

IMN logo majestic logo threadwatch logo seochat tools logo