We Keep Coding

Unable to use NettcpBinding from another computer in my local network

I built a WCF Service in one of my machines of my local network, it has both http and net.tcp (htpp,net.tcp) as enabled protocols in IIS manager.
From another machine a build a client app, and define the endpoints automatically using the Add Service Reference... dialog, I type the service address and when it appears I set the name and click OK. The App.config is updated with two endpoints, one for http (BasicHttpBinding) and the other for net.tcp (NetTcpBinding) as expected.
When running the client app, if I use the BasicHttpBinding:
"using (var proxy = new ProductsServiceClient("BasicHttpBinding_IProductsService"))"
it runs OK, and shows the expected data.
But when I use the NetTcpBinding:
"using (var proxy = new ProductsServiceClient("NetTcpBinding_IProductsService"))"
It throws a SecurityNegotiationException saying that:
"A remote side security requirement was not fulfilled during authentication. Try increasing the ProtectionLevel and/or ImpersonationLevel."
If I do it all in the same machine, I don´t get any exception.
What should I do?
Rafael

By default, the BasicHttpBinding supports no security. So when calling the service from another computer, it will work also.
But by default, NetTcpBinding requires a secure channel. And the default security mode is Transport, so when calling the service from another computer, it will throw a security exception.
The most easy way to solve it is to set the security mode to None as following:
<bindings>
<netTcpBinding>
<binding name="netTcpBindingConfiguration" >
<security mode="None" />
</binding>
</netTcpBinding>
Then we use it in the endpoint
<endpoint address="net.tcp://nelson-laptop:8080/Whatever"
binding="netTcpBinding"
bindingConfiguration="netTcpBindingConfiguration"
contract="ProductsService.IProductsService"
name="NetTcpBinding_IProductsService" />

In Your question you are using the default net.tcp port 808 but have opened port 80 in the firewall. If it is not a typo in the question it could be why it fails.

WCF service hosted in a Managed Windows Service can not be accessed from another machine

I have a WCF servise hosted in a Managed Windows Service that I developed according to this manual. In App.config I specified the following:
<service name="Inpas.Unipos.LicenseManager.SamService.Service"
behaviorConfiguration="SamServiceBehavior">
<host>
<baseAddresses>
<add baseAddress="http://localhost:8000/SamService/service"/>
</baseAddresses>
</host>
<endpoint address=""
binding="wsHttpBinding"
contract="Inpas.Unipos.LicenseManager.SamService.IService" />
<endpoint address="mex"
binding="mexHttpBinding"
contract="IMetadataExchange" />
</service>
In a client I connect to service this way:
public void ConnectToService(string host, string port)
{
var binding = new WSHttpBinding();
var endpoint = new EndpointAddress(string.Format("http://{0}:{1}/SamService/service", host, port));
var channelFactory = new ChannelFactory<IService>(binding, endpoint);
_client = channelFactory.CreateChannel();
_client.Get2X2();
}
In a local machine it works fine, but if I try to connect to service from another machine - I get an exception:
EndpointNotFoundException
Message: There was no endpoint listening at http://10.xx.xx.xx:8000/SamService/service that could accept the message. This is often caused by an incorrect address or SOAP action.
What am I doing wrong?

I've fixed it by opening the inbound port for the service:
Open Windows Firewall by clicking the Start button , and then clicking Control Panel. In the search box, type firewall, and then click Windows Firewall.
In the left pane, click Advanced settings. If you're prompted for an administrator password or confirmation, type the password or provide confirmation.
In the Windows Firewall with Advanced Security dialog box, in the left pane, click Inbound Rules, and then, in the right pane, click New Rule.
Follow the instructions in the New Inbound Rule wizard( select Tcp in the "Protocol and Ports" step of this wizard).

What to use as WCF net.tcp host baseAddress on different servers?

In my App.config, i have this base address specified ("jerrycan" is the name of my computer):
<service behaviorConfiguration="helloWorldServiceBehavior" name="OpdService.OpdService">
<endpoint address="/service" binding="netTcpBinding" bindingConfiguration="NewBinding0"
name="MainEndPoint" contract="OpdService.IOpdService">
<identity>
<dns value="jerrycan" />
</identity>
</endpoint>
<endpoint kind="udpDiscoveryEndpoint" />
<host>
<baseAddresses>
<add baseAddress="net.tcp://jerrycan:8000" />
<add baseAddress="http://jerrycan/service" />
</baseAddresses>
<timeouts openTimeout="00:00:15" />
</host>
</service>
Everything works fine until I run service on other computer — clients can find service through UDP discovery, but aren't able to connect, as service continues to send old address. When I change "jerrycan" to "localhost", only local clients are able to connect to service (but on any computer). Any clients on other computers try to connect to "localhost" with no success.
So what should I use as host address if I want to be able to run service on different computers without recompile? Should I store address somewhere in config file for every computer, or should I change address in runtime? I think, I'm missing something simple and fundamental here.
Or maybe I should use localhost (as in many wcf samples) and it's my client connection code who brings the problems:
EndpointAddress endpointAddress = findResponse.Endpoints[0].Address;
OpdChannelFactory = new DuplexChannelFactory<OpdServiceReference.IOpdService>(CallbackHandler,
new NetTcpBinding("MainEndPoint"), endpointAddress);
Again, when I use "localhost" as base address, "localhost" comes as endpoint address in findResponse.
Edit:
It seems like I found solution here: http://btw-blog.blogspot.com/2011/02/dynamic-base-address-for-wcf-service.html
The point is to replace host name in base address with * symbol (wildcard). It will be changed with actual host name in run time.
Haven't tested everything yet, but looks like it actually works.

It seems like I found solution here: http://btw-blog.blogspot.com/2011/02/dynamic-base-address-for-wcf-service.html
The point is to replace host name in base address with "*" symbol (wildcard). It will be changed with actual host name in run time.
Tested it and it worked great.

Right now your service endpoint address is:
net.tcp://jerrycan:8000/service
When you create clients on the computer which is hosting the service (jerrycan-pc) of course the local clients will be able to access the service by referencing
net.tcp://localhost:8000/service
and obviously other clients (on other computers on your network) can not connect to the service if they try to contact localhost, because the endpoint: net.tcp://localhost:8000/service, is calling the local computer which in this case is not hosting the service (only for jerrycan-pc). If jerrycan-pc is hosting the service, clients on jerrycan-pc can call the service by referencing localhost, but clients on say mike-pc must either try to call jerrycan-pc or jerrycan-pc's IP. If you change the endpoint in your service configuration to your service hosts IP or even computer name, and reference the service on other computers using the IP of the service host/computer name then they will be able to access it. For example if jerrycan-pc is hosting the service and it has an IP of 192.168.1.5, your clients can consume the service by referencing this endpoint:
net.tcp://192.168.1.5:8000/service
So in your service config change localhost to the IP address or PC name and try to contact that address on your clients instead of contacting localhost.

scalable WCF solution

I am trying to implement scalable wcf solution found at NetFX Harmonics: Creating Streamlined, Simplified, yet Scalable WCF Connectivity
So my solution have 4 projects
Contact.Service (Service and Data Contracts)
Contact.ServiceImpl (HostFactory and Service itself)
Contact.ServiceHost (Web.config and Person.svc)
Contact.ServiceClient
Contact.ServiceClient have App.config and Program.cs which actually call service.
App.config
<configuration>
<appSettings>
<add key="PersonServiceActiveEndpoint" value="PersonServiceBasicHttpBinding" />
</appSettings>
<system.serviceModel>
<client>
<endpoint name="PersonServiceBasicHttpBinding"
address="http://localhost:1031/Person.svc"
binding="basicHttpBinding"
contract="Contact.Service.IPersonService" />
</client>
</system.serviceModel>
</configuration>
Program.cs
BasicHttpBinding basicHttpBinding = new BasicHttpBinding();
EndpointAddress endpointAddress = new EndpointAddress("http://localhost:1031/Person.svc");
IPersonService personService = new ChannelFactory<IPersonService>(basicHttpBinding, endpointAddress).CreateChannel();
Person person = personService.GetPersonData("F488D20B-FC27-4631-9FB9-83AF616AB5A6");
Console.WriteLine(person.FirstName);
When I try running this example exception is thrown:
There was no endpoint listening at http://localhost:1031/Person.svc that could accept the message. This is often caused by an incorrect address or SOAP action.
P.S. Person.svc is in my Contact.ServiceHost project
<%# ServiceHost Service="Contact.Service.PersonService" %>

what is the config of the service host? sounds like one of 2 problems:
the service host is not set up to listen on the same port.
the host application is not being run at all
I imagine that by checking the web.config of the service host project you'll likely find that it is either listening on a different port, or not being run at all, and hence not listening.
Is the Visual studio host starting up and hosting the service? You usually get a little 'toast' pop up window in the notification area next to the clock saying the the host is running and you can see which port it is running on. if this is not happening then it is likely that you need to configure it to start the host project as well as the client.
To enable both the client and server to start at the same time you need to:
Right-click on your solution file, and choose Set Startup Projects...
Choose Multiple startup projects and choose Start for your client and server project, leave the other ones set to none.

WCF Duplex net.tcp issues on win7

We have a WCF service with multiple clients to schedule operations amongst clients. It worked great on XP. Moving to win7, I can only connect a client to the server on the same machine. At this point, I'm thinking it's something to do with IPv6, but I'm stumped as to how to proceed.
Client trying to connect to a remote server gives the following exception:
System.ServiceModel.EndpointNotFoundException: Could not connect to net.tcp://10.7.11.14:18297/zetec/Service/SchedulerService/Scheduler. The connection attempt lasted for a time span of 00:00:21.0042014. TCP error code 10060: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond 10.7.11.14:18297. ---> System.Net.Sockets.SocketException: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond 10.7.11.14:18297
The service is configured like so:
<system.serviceModel>
<services>
<service
name="SchedulerService"
behaviorConfiguration="SchedulerServiceBehavior">
<host>
<baseAddresses>
<add baseAddress="net.tcp://localhost/zetec/Service/SchedulerService"/>
</baseAddresses>
</host>
<endpoint address="net.tcp://localhost:18297/zetec/Service/SchedulerService/Scheduler"
binding="netTcpBinding"
bindingConfiguration = "ConfigBindingNetTcp"
contract="IScheduler" />
<endpoint address="net.tcp://localhost:18297/zetec/Service/SchedulerService/Scheduler"
binding="netTcpBinding"
bindingConfiguration = "ConfigBindingNetTcp"
contract="IProcessingNodeControl" />
</service>
</services>
<bindings>
<netTcpBinding>
<binding name = "ConfigBindingNetTcp" portSharingEnabled="True">
<security mode="None"/>
</binding>
</netTcpBinding >
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="SchedulerServiceBehavior">
<serviceDebug includeExceptionDetailInFaults="true" />
<serviceThrottling maxConcurrentSessions="100"/>
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
The client connects like so:
String endPoint = "net.tcp://" + GetIPV4Address(m_SchedulerHostAddress) + ":" + m_SchedulerHostPort.ToString(CultureInfo.InvariantCulture) + "/zetec/Service/SchedulerService/Scheduler";
NetTcpBinding binding = new NetTcpBinding();
binding.Security.Mode = SecurityMode.None;
m_Channel = new DuplexChannelFactory<IProcessingNodeControl>(this, binding, endPoint);
m_IProcessingNodeControl = m_Channel.CreateChannel();
I've checked my firewall about a dozen times, but I guess there could be something I'm missing. Tried disabling windows firewall. I tried changing localhost to my ipv4 address to try to keep away from ipv6, I've tried removing any anti-ipv6 code.
Don't know if it means anything, but:
Microsoft Telnet> open 10.7.11.14 18297
Connecting To 10.7.11.14...Could not open connection to the host, on port 18297:
Connect failed
The telnet test unfortunately doesn't seem to be key. I have successfully connected to my service's port from localhost and a remote computer when the service is running, but my client did not work from the remote computer.
Looks like connecting to localhost is not always guaranteed. Desktop (win7/32) works, Laptop (win7/64) doesn't work. Other win7/64 boxes do work though. Perhaps due to multiple nic's on the laptop? Also doesn't explain failures to connect on testers' systems.
I set up two win7 machines with IPv6 fully disabled (using 0xffffffff as in http://support.microsoft.com/kb/929852 ). No help.

Something doesn't look right about your host base address and then the end point addresses. One has an explicit port reference, the other doesn't. Usually when you use a base address you use a relative URL in the endpoint address.
I can't think why this would be related to IPv6, because none of the error messages mention IPv6 addresses.
Perhaps try again after disabling the net.tcp port sharing option. Without port sharing, you should be able to confim a connection using telnet like you did.
Also, how is your service hosted in Win7? In IIS7 or self hosted in a Windows Service? Hosting it in a Service may require some permissions to be granted to your exe beyond opening ports on your firewall (like you sometimes have to do for hosting a windows service in HTTP in Win XP).
Sorry, I'm in a hurry and can't look up URLs for these.

I don't have time to go back and test whether it is a combination of the help I received from ligos or not, but the primary fix appears to be adding SMSvcHost.exe to the exceptions in the Windows Firewall.
Thanks a lot for your help, ligos. I was ready to give up until you replied to my question.
Instructions for adding net.tcp to windows firewall:
Go to Services, find the net.TCP port sharing service, and double click it. Swipe the Path to executable (don’t worry if it’s not all on screen, the swiping action should scroll it over) and copy it (ctrl-c)
Go to your firewall and add a new program to be allowed to communicate through the Windows Firewall. Paste in the path from Services and hit ok.