When specifying a port to bind to with .UseKestrel() I get the errors listed below.. but if I remove the kestrel options everything works normally if I check the API from my browser.
I've tried binding to the port that my application defaults to with no ports chosen and I've tried checking netstat to actively avoid any ports that are in use. Nothing works but removing the options entirely. This is not replicated on my Mac or another Windows 10 machine. This device is Windows 10.
.UseKestrel(options =>
{
options.Listen(IPAddress.Loopback, 50470);
options.Listen(IPAddress.Any, 80);
})
: Microsoft.AspNetCore.Server.Kestrel[0]
Overriding address(es) 'http://localhost:50470/'. Binding to endpoints defined
in UseKestrel() instead.
crit: Microsoft.AspNetCore.Server.Kestrel[0]
Unable to start Kestrel.
System.Net.Sockets.SocketException (10013): An attempt was made to access a
socket in a way forbidden by its access permissions
at
System.Net.Sockets.Socket.UpdateStatusAfterSocketErrorAndThrowException
(SocketError error, String callerName)
at System.Net.Sockets.Socket.DoBind(EndPoint endPointSnapshot, SocketAddress
socketAddress)
at System.Net.Sockets.Socket.Bind(EndPoint localEP)
at Microsoft.AspNetCore.Server.Kestrel.Transport.Sockets.SocketTransport.
BindAsync() at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServer.
<>c__DisplayClass21_01.<<StartAsync>g__OnBind|0>d.MoveNext() `
Also check Darkthread's answer here: https://superuser.com/questions/1486417/unable-to-start-kestrel-getting-an-attempt-was-made-to-access-a-socket-in-a-way
We discovered that a port we had been using for a long time wasn't acccessible anymore because it had been reserved by Windows! You may wish to check reserved ports using this command:
netsh interface ipv4 show excludedportrange protocol=tcp
After Windows Update, some ports are reserved by Windows and applications cannot bind to these ports. please check this command for forbiden port on Os
netsh interface ipv4 show excludedportrange protocol=tcp
In my case, Removing invalid local IP and Port address combinations from the app's launchSettings.json did it.
The additional binding of port 80 in ".UseKestrel(options => { options.Listen(...) })" was causing the issue in my case.
When you run an ASP.NET Core application directly through Kestrel, without an additional reverse proxy like IIS or nginx, you will need to configure the hosting URL properly.
The problem was because, you did not follow Port sharing limitation in Kestrel web server.
When you to use the Kestrel web server, you should set unique port to app. (if you use the port 80, make sure no apps use this port).
and your app has enough permissions, too.
more info:
https://learn.microsoft.com/en-us/aspnet/core/fundamentals/servers/kestrel?view=aspnetcore-2.2
I hope is useful.
Try Updating The Https Certificate
with this command. It worked for me!!
dotnet dev-certs https
The problem was with the additional binding of port 80, updating this corrected the problem.
Related
I have this tiny piece of code where I try to add prefixes for my HttpListener:
listener = new HttpListener();
listener.Prefixes.Add("http://192.168.0.108:8088/");
listener.Start();
Which throws:
System.Net.HttpListenerException (0x80004005): The format of the specified network name is not valid
I've tried everything: turning off firewall, running as administrator, registering given URL with netsh http urlacl and yet, nothing has worked so far.
I checked with netstat if that address is open to use and it is.
The weird thing about this is that I have been using this address for a long time until Windows 10 Fall Creators Update, since this update, only localhost is working.
Is there anything else that I forgot about or might try?
You probably forgot to configure your system to listen for HTTP protocol communication coming from the specified IP address. Try running the following command to include it:
netsh http add iplisten 192.168.0.108
Once this is done, check the list of the addresses (in which your IP should now appear):
netsh http show iplisten
and then try to run your code again.
I'm trying to host a TCP socket server on a Google Compute Engine, i added the following rule on GCE firewall-rules (sockets-port 0.0.0.0/0 tcp:11000 Apply to all targets) but the port is still inaccessible from the outside using the public IP (ephemeral in my case).
Is there more to be done in this case? should i use ufw on the VM itself to set additional rules?
Any help or hints would be appreciated, thx.
EDIT:
1) firewall settings:
NAME NETWORK SRC_RANGES RULES SRC_TAGS TARGET_TAGS
default-allow-http default 0.0.0.0/0 tcp:80 http-server
default-allow-https default 0.0.0.0/0 tcp:443 https-server
default-allow-icmp default 0.0.0.0/0 icmp
default-allow-internal default 10.128.0.0/9 tcp:0-65535,udp:0-65535,icmp
default-allow-rdp default 0.0.0.0/0 tcp:3389
default-allow-ssh default 0.0.0.0/0 tcp:22
sockets-port default 0.0.0.0/0 tcp:11000
2) on the VM itself the SocketListener class (C#) gives the error :
Cannot assign requested address
at System.Net.Sockets.Socket.DoBind(EndPoint endPointSnapshot, SocketAddress socketAddress)
at System.Net.Sockets.Socket.Bind(EndPoint localEP)
"IPEndpoint consists of the public IP of the machine and port 11000
This is a classic problem with GCE, you must bind your server socket to 0.0.0.0, instead of the external IP. I don't know if this is by design.
The external IP is a virtual IP. The infrastructure knows how to direct traffic targeting the IP to your VM, but it is not bound to any of the VM's network interfaces. If you run sudo ifconfig in the VM, you will only see the internal IP on eth0.
I ran a tutorial including HTTP server app for raspberry pi 3.
Link here: https://incredibits.io/project/windows-10-iot-internet-of-things-tips/windows-10-iot-raspberry-pi-web-server
In my local network everything works perfectly. I run server, type in browser local IP of my raspberry (192.168.x.x) and "hello world" appears - great. But, I have an issue when i want reach my HTTP server outside from my LAN.
What i did:
1. forwarded port 80 in my router
2. opened port 80 in raspberry pi with below commands in PowerShell
netsh advfirewall firewall add rule name="Open 80" dir=in action=allow protocol=TCP localport=80
netsh advfirewall firewall add rule name="Open 80" dir=out action=allow protocol=TCP localport=80
checked if above commands works by typing
netsh advfirewall firewall show rule name="Open 80"
and i get that response:
Rule Name: Open 80
----------------------------------------------------------------------
Enabled: Yes
Direction: Out
Profiles: Domain,Private,Public
Grouping:
LocalIP: Any
RemoteIP: Any
Protocol: TCP
LocalPort: 80
RemotePort: Any
Edge traversal: No
Action: Allow
Rule Name: Open 80
----------------------------------------------------------------------
Enabled: Yes
Direction: In
Profiles: Domain,Private,Public
Grouping:
LocalIP: Any
RemoteIP: Any
Protocol: TCP
LocalPort: 80
RemotePort: Any
Edge traversal: No
Action: Allow
Ok.
checked if my port is visible as open with http://www.yougetsignal.com/tools/open-ports/ - it was CLOSED (ofcourse with server app run
ran exactly the same app in my notebook (with windows 10 ofcourse). I forwarded port 80 in router into my netbook, i checked if port is open - and it was OPEN. I type my external IP into browser and it works. I even try to do it from my smartphone to be sure and it also works.
I think that is a proof that a problem is in my raspberry - its settings
Make sure you have the "Internet (Client & Server)" capability selected in your app manifest. You can find this setting by opening the Package.appxmanifest file and clicking the Capabilities tab.
I solved it.
The problem was in my router setup. I have two NAT options (Virtual Server Setup and Port Triggering Setup) and i had settings like below:
Removing "web" setting in NAT - Port Triggering Setup solved my problem. My HTTP server running on raspberry pi became visible for outside world.
I don't know why this settings didnt block HTTP server running on laptop but this is different story. Problem with raspberry pi server - solved.
Same situation as this question, HttpListener not receiving remote requests, even with the firewall down and all prefixes registered, namely:
the HttpListener is only receiving requests from the same machine
the application is running on a Windows EC2 instance (same spec as the other question)
the ports being used are registered and opened in the firewall (I also temporarily took down the firewall to ensure that wasn't the issue)
The prefix I'm using is http://*:8080/
Differences from the other question:
The security groups of the EC2 are correctly configured
It was accepting outside requests, until (as far as I know) today and I'm not aware of any system changes (but I'm open to all ideas, whatsoever)
Additional info:
The EC2 instance and system is passing all status checks
I restarted the instance; no change
The http status code sent back (not from my server application, from the system) to a remote client is a 503 (service unavailable)
I've checked and rechecked that the url is correct (I have an elastic IP address and am using the public DNS of the instance in the url)
I ran netstat to make sure the port was not being used by other processes
Any ideas for things to check or try are completely welcome; I've pretty much run out of ideas...
If you have more than one urlacl on the same port, e.g. like:
$ netsh http show urlacl
Reserved URL : http://+:8080/
User: PUBEN\myself
Listen: Yes
Delegate: No
SDDL: D:(A;;GX;;;S-1-5-21-436374069-1547161642-1177238915-5114)
Reserved URL : http://192.168.47.120:8080/
User: \Everyone
Listen: Yes
Delegate: No
SDDL: D:(A;;GX;;;WD)
Reserved URL : http://127.0.0.1:8080/
User: \Everyone
Listen: Yes
Delegate: No
SDDL: D:(A;;GX;;;WD)
You will get ServiceUnavailable due to the first reservation in the list. To fix,
netsh http delete urlacl url=http://+:8080/
Or just use Suave.io and save yourself the headache.
Couple of thoughts, some you've likely already checked:
Make sure you can still hit the listener locally on the machine - just to factor out something wrong with the code iteself
Make sure there is nothing else running on that port on that machine
Check the event viewer - any errors in there that may apply? Other events? A recent Windows Update - anything?
Try another port - to rule out port conflicts, try a different one
Make sure you are bound to the prefix: http://*:{your-port-#-here}/ - also, when you make your call HttpListener can be very specific, if you include a trailing slash in the prefix you register make sure you include that in your call, etc.
When you try to hit the machine - what address are you using: an EC2 Elastic IP address, the EC2 public dns, some DNS name you have routed to that machine? I have seen EC2 machines change public IP/DNS after a reboot before, maybe yours has changed?
That's all I can think of for now. Good luck.
I have a Windows Service that does the following when started. When running via a Console application it works fine, but once I put in a Windows Service I get the below exception. Here is what I have tried so far:
Disabled the firewall, also tried adding explicit exclusions for the exe, port, and protocol
Checked CAS Policy Config, shows unrestricted rights
Configured the Service to run as an Administrator Account, Local System, Local Service, and Network Service, each with the same result
Tried different ports
Also tried 127.0.0.1 just to see... same issue
This is wrecking my head, so any help would be greatly appreciated:
The Code:
var _listener = new TcpListener(endpoint); //192.168.2.2:20000
_listener.Start();
The resulting Exception:
Service cannot be started. System.Net.Sockets.SocketException: An attempt was made to access a socket in a way forbidden by its access permissions
at System.Net.Sockets.Socket.DoBind(EndPoint endPointSnapshot, SocketAddress socketAddress)
at System.Net.Sockets.Socket.Bind(EndPoint localEP)
at System.Net.Sockets.TcpListener.Start(Int32 backlog)
at System.Net.Sockets.TcpListener.Start()
at Server.RequestHandler.StartServicingRequests(IPEndPoint endpoint)
at Server.Server.StartServer(String[] args)
at Server.Server.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
I recommend you bind to an endpoint with IPAddress.Any (0.0.0.0) and a specific port.
The error message is likely because another application already has that port open or has recently had it open exclusively.
More information on the error code is on MSDN.