I have installed the TURN server everything in the server code is working fine. no error in the log file. only a warning stating
0: WARNING: I cannot support STUN CHANGE_REQUEST functionality because only one IP address is provided
but the TURN server running on the server.
here is what shows when I check lsof -i :3478
turnserve 999 root 15u IPv4 446811411 0t0 TCP domain.com:stun (LISTEN)
turnserve 999 root 23u IPv4 446811417 0t0 TCP domain:stun (LISTEN)
turnserve 999 root 24u IPv4 446810998 0t0 UDP domain.com:stun
turnserve 999 root 25u IPv4 446810999 0t0 UDP domain.com:stun
when I check STUN in Trickle ICE it throws an errors
The server stun:xxx.xxx.xxx.xxx:3478 returned an error with code=701:
STUN server address is incompatible.
The server stun:xxx.xxx.xxx.xxx:3478 returned an error with code=701:
STUN allocate request timed out.
what's going wrong in this.
Thank you
I think that 701 error is a more generic connectivity error that Trickle ICE uses to indicate it didn't get a binding response back. Run stunclient your.stun.ip.address with the command line tools at www.stunprotocol.org to see if your STUN service is accessible from the outside world.
STUN technically requires being hosted on a device with two IP addresses and two ports. It's typically a command line parameter to specify which IP addresses the server should listen on. But most server implementations can operate on a host with a single IP address.
The second IP address and port on the server is used for STUN client filtering tests to detect what type of NAT is in effect. The client sends a binding request on the server's primary ip and port, but with a change request attribute to have the server respond from the alternate IP address or port. More often than not, this binding request with a change-request attribute fails since NATs will not forward traffic from the other IP/port.
The filtering test is useful for logging what type of NAT the client is on. So that failed connections can be debugged and that success/failure metrics can be correlated to NAT type.
Since most ICE implementations will exchange all available address candidates (local, mapped, and relay), the filtering test isn't very or useful to connectivity establishment.
I'm surprised Trickle ICE is giving you an error. I didn't think WebRTC ever used the changer-request attribute. I just did a Wireshark trace of a Trickle ICE session to stunserver.stunprotocol.org. I don't see the webrtc client setting the change-request attribute in either of the two binding requests it makes.
More details in RFC 5780 Section 3.2
In macOS, I just do so:
> brew install stuntman
when it done
> stunclient stunserver.stunprotocol.org
Binding test: success
Local address: 198.18.0.1:54898
Mapped address: 210.0.158.130:56750
To specify port, just like this:
> stunclient stunserver.stunprotocol.org 3478
Binding test: success
Local address: 198.18.0.1:63061
Mapped address: 210.0.158.130:37126
Have fun!
I have both a client and a broker running on a remote Linux machine within a Lora Network server that has a mosquitto connector.
The client can listen for the broker's broadcast from a certain address and port (#127.0.0.1:1883)
I would like to open an ssh tunnel between this remote machine and my machine (windows 10) to 'eavesdrop' on the communication between the client and the broker using MQTT.fx to run a mosquitto client;
So far I tried to:
Run ssh -L 22883:#remoteMachineAdress:1883 usern.ame#gatewayAdress -p222 on MobaXtrem](https://mobaxterm.mobatek.net/)
Then I launch a client on MQTT.fx to listen on the broker: 127.0.0.1 port 22883.
This establishes a connection to the broker. However, I am not receiving any of the messages passed to the original client (the one on the remote machine) receives.
Can anyone tell me what am I doing wrong?
And if there are any tutorials about this?
I appreciate all the help I can get, thank you in advance!
This configuration is correct, it was the connector on the server who was sending the data to a different application.
I have a Windows 2008 R2 server that will need to listen on a particular port (e.g. 1234) in order for an application upgrade to work, but currently the application doesn't have a listener service configured for port 1234.
Our firewall is managed by a third party, but I would like to check in advance that the port 1234 has been opened before I install the update. Is this possible?
I know I can telnet to the server on other listening ports, but as this server has no application listening to 1234 I can't be certain that it is in fact, open. Telnet results are inconsistent when connecting to ports that are apparently listening in netstat.
Is there anything I can do in Powershell or VB for instance, to set up a listener for port 1234 in advance of the upgrade to ensure it will go smoothly?
Many thanks in advance.
Anything that accepts traffic would work.
Run some other service on port 1234 and see if you can connect to that.
Use a network sniffer like WireShark on the server and see if you're getting connection attempts to port 1234.
Install netcat on the server and tell it to listen to port 1234 then connect to that port on the firewall. If it connects, the port is open. (This is really the same as #1 but without an actual service.)
I installed XAMPP 1.6.8 and for some reason it didn't work. Later realized port 80 is not free or not listening. How can I release it or make it free?
Thanks a lot!
I found out that what was taking over port 80 is http api service. I wrote in cmd:
net stop http
Asked me "The following services will be stopped, do you want to continue?" Pressed y
It stopped a number of services actually.
Then wrote localhost and wallah, Apache is up and running on port 80.
Important: Skype uses port 80 by default, you can change this in skype options > advanced > connection - and uncheck "use port 80"
netstat -ano
That will show you the PID of the process that is listening on port 80.
After that, open the Task Manager -> Processes tab. From the View -> Select Columns menu, enable the PID column, and you will see the name of the process listening on port 80.
I had this problem previously,
if you see the Task manager(after enabling the view for PID), you will find PID=4 is "port 80 in use by NT Kernel & System; "
Just go to
Control Panel
Programs
Turn Windows features on/off
check if the World wide web services under IIS is checked
If so, Uncheck and netstat(or TCPVIEW) again to see if 80 is free.
netstat -a -b
Should tell you what program is bound to port 80
use netstat -bano in an elevated command prompt to see what apps are listening on which ports.
But Usually following applications uses port 80 in windows.
IIS
World Wide Web Publishing service
IIS Admin Service
SQL Server Reporting services
Web Deployment Agent Service
Stop above applications if running and check!!!
Use TcpView to find the process that listens to the port and close the process.
Other option to try is to stop SQL Server Reporting Services.
You can use net stop http it will display which process is using. Moslty world wide web services are using
Try
netstat -anb -p tcp
that show ports and processes
I was trying to install nginx from here - http://nginx.org/en/docs/windows.html
Going to http://localhost/ will show something, at least a proper "not found" message
This is because 80 is the default port, and it was taken by other processes.
Now run below command:
net stop http
// Above command stopped below services
// - SSDP Discovery
// - Print Spooler
// - BranchCache
// - Function Discovery Resource Publication
// - Function Discovery Provider Host
Now, going to http://localhost/ will fail with a broken link page message.
Main process was BranchCache
This process, after stopped, will restart in a few seconds.
So we need to run other commands we need soon, an example below:
// this will stop
net stop http
// immeidately run other command you want to
start nginx
Now, going to http://localhost/ gave me:
Welcome to nginx!
Hope that helps.
Type in "netstat -ano" into your command line. I saw that it was showing something for Local Address port 0.0.0.0:80.
My issue was because I had SQL Server Reporting Services on Port 80. So I followed these instructions and changed the port # from 80 to 81:
http://seankilleen.com/2012/11/how-to-stop-sql-server-reporting-services-from-using-port-80-on-your-server-field-notes/
Here is a picture of my command line AFTER I changed the port number for SQL Server Reporting Services:
If you are still having the same issue, read this forum:
http://forum.wampserver.com/read.php?2,66196,66233#REPLY
This is just a guess, but since port 80 is the conventional port for HTTP, you may have a webserver running on your system. Is IIS active?
If you are running IIS you may have the web farm service running. That was what was killing my xampp.
Skype likes to use port 80 and blocks IIS. That was my prob.
I also had the same problem. net stop http didn't help and World wide web services option under IIS in Windows Control Panel was unchecked. So in XAMPP control panel I just checked the Svc checkbox near Apache start button (Install Apache as service) and rebooted Windows. And now each time Windows starts Apache is started automatically and occupies port 80 before any other service does. Worked for me!
Known Windows Services That Listen on Port 80
From Services Manager (run: services.msc), stop and disable these Windows Services which are known to bind to port 80.
Double click Service, and change ‘Startup Type’ to ‘Disabled’…
SQL Server Reporting Services (ReportServer)
Web Deployment Agent Service (MsDepSvc)
BranchCache (PeerDistSvc)
Sync Share Service (SyncShareSvc)
World Wide Web Publishing Service (W3SVC)
Internet Information Server (WAS, IISADMIN)
skype also using port 80 as default setting and you can uncheck it.
You might, or might not, have some of these Services installed and running.
In my case "SQL Server Reporting Services" was opening port 80.
Identify the real process programmatically
(when the process ID is shown as 4)
The answers here, as usual, expect a level of interactivity.
The problem is when something is listening through HTTP.sys; then, the PID is always 4 and, as most people find, you need some tool to find the real owner.
Here's how to identify the offending process programmatically. No TcpView, etc (as good as those tools are). Does rely on netsh; but then, the problem is usually related to HTTP.sys.
$Uri = "http://127.0.0.1:8989" # for example
# Shows processes that have registered URLs with HTTP.sys
$QueueText = netsh http show servicestate view=requestq verbose=yes | Out-String
# Break into text chunks; discard the header
$Queues = $QueueText -split '(?<=\n)(?=Request queue name)' | Select-Object -Skip 1
# Find the chunk for the request queue listening on your URI
$Queue = #($Queues) -match [regex]::Escape($Uri -replace '/$')
if ($Queue.Count -eq 1)
{
# Will be null if could not pick out exactly one PID
$ProcessId = [string]$Queue -replace '(?s).*Process IDs:\s+' -replace '(?s)\s.*' -as [int]
if ($ProcessId)
{
Write-Verbose "Identified process $ProcessId as the HTTP listener. Killing..."
Stop-Process -Id $ProcessId -Confirm
}
}
Originally posted here: https://stackoverflow.com/a/65852847/6274530
I faced the same issue and fixed it by making a small change in the httpd.conf file which can be obtained by clicking the config button along with the Apache option.
The change I made was to replace listen 80 with listen 8080.
For me, this problem began when I hosted a VPN-connection on my Windows 8 computer.
Simply deleting the connection from "Control Panel\Network and Internet\Network Connections" solved the problem.
I've built a self hosted wcf server, using wsHttpBinding. I'm running Win 2003 server R2 SP2.
If I configure it to listen on http://localhost:443/MyService, everything works fine. I can connect to http://localhost:443/MyService with Internet Explorer, and I get the standard "Bad Request" message
Now, if I try to switch to HTTPS, I'm witnessing a strange phenomenon.
Here's what I've done :
I've changed my wcf config file from http://localhost to https://localhost and from Security=None to Security=Transport (as explained in numerous wcf tutorials)
I've registered my HTTP port like this :
httpcfg delete ssl -i 0.0.0.0:443
httpcfg set ssl -i 0.0.0.0:443 -h ea2e450ef9d4...
Note that the certificate I've used is a "real certificate" (i.e. issued by a trusted CA, namely Comodo). The server responds to ping on the NS mentioned in the certificate.
Now, the following will timeout :
Microsoft Telnet> open localhost 443
Here's the output from netstat (The Pid '4' is the 'System' process):
netstat -nao
Proto Local Adress Remote Adress State Pid
TCP 0.0.0.0:443 0.0.0.0:0 Listening 4
And here's a screenshot from TCPView captured when I issued the open command in telnet :
alt text http://img26.imageshack.us/img26/3376/tcpview2si6.jpg
I'm a bit puzzled. To me, if netstat says the server is listening on 443, the telnet connection to 443 shouldn't timeout, and I should have at least a blank prompt, expecting me to type some encrypted stuff :)
So far I've tried to :
Redo all the steps from scratch following exactly the MSDN tutorial
Used port 10443 instead of 443
Disable the firewall
Use a self signed certificate
I don't know what to try next .. any ideas?
The telnet client is not going to know to send a properly constructed request to initiate an https handshake, so I imagine the ssl secured server is just waiting for more data.
The telnet client is certainly not going to know what to do with the response from a ssl secured server (it's certainly not going to prompt you for data to send along). Communication can only happen once the https handshake has completed.
You need to use a client that knows how to do a handshake. The openssl binary can do this out of the box.
Telnet cannot be used to comunicate with encrited webs.
Checkout this microsfot note. It says "NOTE: This example assumes that the Web server is configured to use the default HTTP port (TCP 80). If the Web server is listening on a different port, substitute that port number in the first line of the example. Also, this example does not work properly over an HTTPS/SSL connection (TCP 443, by default), because the telnet client cannot negotiate the necessary encryption commands to establish the SSL session. Although an initial connection is possible over the HTTPS/SSL port, no data is returned when you issue a GET request."
Update: Checkout this other note HOW TO: Determine If SSL Connectivity Is Not Working on the Web Server or on an Intermediate Device
As FerrariB said, telnet does not perform the negotiations necessary to open an SSL connection. Telnet knows nothing about certificates, nor encryption. Thus, you are guaranteed to not be able to communicate with HTTPS port 443 via telnet. You will have to find another way to do whatever you are trying to do.
Check out the Wikipedia page on TLS for example, where it says directly:
If any one of the above steps fails, the TLS handshake
fails, and the connection is not created.
This is precisely what you are seeing by trying to use telnet to communicate with an SSL endpoint.
in command prompt: netstat -nao |find "443"
the last columns show a number:
pic no.1
Now open task manager.find result number in 1st section in pid column (if pid wasn't enabled, choose it from view tab) program name show the program which uses the port.
disable the program that uses the port /in my case I stopped it from services