The basic issue is in IE on my machine, a particular web site in our intranet doesn't work when using the server name alias. It does, however work when using the IP address of the server.
This doesn’t work
http://MyWeb/TheSite
It's a 401 error in the IIS Logs on the server
and IE shows "Internet Explorer cannot display the webpage. Diagnose Connection Problems".
But this does work:
http://100.100.100.100/TheSite
(100.100.100.100 being a made up IP)
On other machines on our intranet, this does work for me:
http://MyWeb/TheSite
I think we've narrowed it down the Integrated Auth on IIS. When I change the AppPool for MyWebb/TheSite to Anonymous on the server, TheSite works on my machine as well as other machines. When I change back to Integrated Auth it works for me on other machines machines but not my machine. Any ideas? Something with my desktop profile?
And another bit of data, TheSite used to work on my machine with Integrated Auth. It just stopped a couple weeks ago.
Also, we've looked at all the relevent DNS properties, etc, and that all looks good
Related
When accessing https://mcgillcrm.com some users are seeing this in chrome: ERR_SSL_PROTOCOL and this is firefox: SSL_ERROR_RX_RECORD_TOO_LONG
But it only happens when they access the site through a specific ISP (Videotron).
When the site is accessed via a hotspot or when connected to a different ISP it works fine and it also works if the user is using Windows machine instead of a Mac.
I verified SSL labs, checked port 443 and compared against another site where it doesn't throw this error and everything seems fine.
We have a 301 redirect towards https and I double checked that users really type https:// when accessing the web-site, but it still doesn't work.
How is the connection done to the ISP vs. how is the connection done to a different ISP or mobile network
Mac user connects to the wireless modem: SSL errors come up
Mac user connects to the wireless mobile hotspot: No error comes up
Update 12 Oct 2022
We re-installed a new certificate from scratch and this one is not showing 'self signed' anywhere. Will see if it helps.
HTTPS is end to end encryption and integrity protection. It should not depend on the ISP used by the client. If it is specific only to the ISP or specific clients then something is messed up at their end, like some middleboxes or antivirus interfering with the connection, a captive portal asking the client to acknowledge some rules first, DNS resolution pointing to a different IP then yours etc. There is nothing you can do from the server end against this, since maybe the server is not even reached by the client.
Problem turned out to be with safebrowse.io which was somehow caching the incorrect certificate (clearing SSL cert in chrome didn't help).
It in turn affected other browsers also like Firefox. So once the incorrect cert was cached it flagged it globally as an unsafe site..
It looks like it was cached inside the logged in users chrome profile (Google Workspace account).
Solution was to login as Guest > Go to web-site > Click 'Proceed anyway' > Restart Chrome
This looks like a serious design flaw with safebrowse.io, why/how it caches SSL certificates in Chrome profile is unclear. This should have worked while accessing the web-site in Chrome incognito but it didn't..
Sorry in advance, this is my first post and I'm a novice with web hosting.
I have 2 websites hosted on the same IIS version 8.5 using a different application pool.
The problem is that I can't get Website A to connect outside the network whereas website B can connect just fine.
They have the same configuration except for the bindings.
I tried switching the port in the bindings from A to B and the problem still arises.
Example: https All Unassigned 25777 analytics.com (A) https all unassigned 25779 portal.com (B)
Since I was able to switch the port and portal still works, I'm assuming that the site configuration is fine and the port is fine.
I think the host name's problem.
How can I fix this?
The public IP was an issue.
The public IP provided by our ISP wasn't properly configured. Changing to a new one provided it by them allowed us to access the website from outside the network.
I've got a virtual machine running on ESXI which I use for local development, I access this machine in my browser via a local domain, http://dev for example. This all works well and no issue for years until I've just started using Facebook Login which requires OAuth redirect URLs to be 'real'.
I can no longer use my http://dev as it won't allow it, I noticed it will however allow http://localhost.
I should note I'm not always using apache/nginx etc so I don't want to be creating virtual hosts
How do I go about being able to register a virtual machine for a OAuth redirect when it's not accessible on localhost?
Despite being sure I've tried this before, I did just try the local IP address of the server (192.168.0.111) and looks like that worked for the redirect/callback on the Facebook Developers Console.
So, while not ideal, you can use the local IP rather than the hostname.
I have a Windows 2003 server, with IIS6 + .Net 4 installed.
I created a site running on port 8002. It could be accessed locally but not remotely. I have done following tests
I used server's local broswer to access http://192.168.1.107:8002/WebForm2.aspx and I can get page successfully.
I opened a broswer on remote machine to access http://192.168.1.107:8002/WebForm2.aspx, browser waited for long time and eventually displayed timeout, web page not available message.
I tried telnet 192.168.1.107 8002 from client machine, and the connection could be established. I believe I have Windows 2003 server firewall turned off, otherwise the port should be blocked.
I ran ping 192.168.1.107 from client machine and got response.
While remote browser is waiting for response, I shut down the site (not IIS) and brwoser got not available right away. It looks like broswer connected to the site, but just something is hanging there.
What could cause such problem?
what are your dns settings? is the ip bound to this domain / host header?
recheck your settings in iis and check your firewall.
It sounds like you were able to reach the server, but I can only guess that based on what you're saying you tried already.
i would also make sure that nothing else is using that ip.
OK, strange thing. I created the site in VS2012 and forgot to change target framework back to 4.0, so it was compiled as 4.5. But server has no 4.5 installed.
Once I changed the target framework everything works.
I just don't understand one thing, hwy it worked locally in 4.5.
If I log in to our web server using RDP, I can't access any of the sites we run on that web server via their external url. For example, say my web server hosts www.example.com, when I log in to the web server, bring up a browser and try to go to www.example.com, I can't see it.
However, one of our sites was configured in some way to work like this, if I try to go to that url, it works as you might expect.
Unfortunately, this was done by our server hosting partners, who we are no longer in contact with. Does anyone know how this can be achieved?
You can do it in many way..
It depends on your network configuration, but it could also be a simple row in hosts file or a static dns record or a specific route for that ip address.
if you're using IIS you should also set the website to "listen" on the loopback interface in the bindings menu.
or, for IIS 6: