krysstof
commented
4 years ago as a comment : Don't use port from 6000-47000 on a direct access server, this is not allowed. but the non binding is still an issue
Open krysstof opened 4 years ago
krysstof
commented
4 years ago as a comment : Don't use port from 6000-47000 on a direct access server, this is not allowed. but the non binding is still an issue
Issue and Steps to Reproduce
configure a "bind to" option in either [/settings/WEB/server] or [/settings/default] on a server with multiple IP addresses restart the service
use netstat to see the port listening (or the ressource monitor), exemple with port 8443 netstat -an |findstr 8443 TCP 0.0.0.0:8443 0.0.0.0:0 LISTENING 0.0.0.0 means any IP addresses
Expected Behavior
the ip should be bound for both NRPE and WEB, only NRPE is boud for comparison, with nrpe on 5666 netstat -an |findstr 5666 TCP 192.168.13.4:5666 0.0.0.0:0 LISTENING this works fine
Actual Behavior
see command step, the IP is not bound, and the web server listen on any IP addresses.
Details
Additional Details
This issue is blocking only on Direct Access Windows servers. when binding on the internal IP, the firewall rule let things pass, but when binding on "any" the firewall blocks. and the fw is mandatory for direct access. the problem is really a firewalling issue, but when the binding works for nrpe, the port is open and accessible.
NSClient++ log: