[clue] Can't connect to Webmin

foo7775 at comcast.net foo7775 at comcast.net
Sat Feb 9 15:50:30 MST 2013 

Hi all, 

I've run into a bit of a puzzler while setting up a new server - or maybe it's just a "blind spot" that I'm not recognizing. The background is that I've recently bought a dual-Xeon system that I could use at home for playing around with virtualization. It's running ESXi 5.1, & currently has two virtual machines installed - a Windows Server 2012 Datacenter Edition (going to use that to learn all about that OS, as well as PowerShell) and a 2nd VM running CentOS 6.3. I have Webmin installed on the CentOS system, but I'm unable to connect to it from my desktop PC that's running Win7. The two machines are connected via an ordinary 10/100 Ethernet switch, no firewalls or other devices between. Here are the troubleshooting steps that I've taken so far: 

Attempted to connect using both http and https connections directed to port 10000, using both Firefox & IE9. Both time out, neither browser reports anything useful; 

Confirmed that the "virtual" network adapter within ESXi shows as 'Connected' & connects at power-on; 

I've tried pinging in both directions, each system is able to ping the other without issue (0-1ms latency); 

I am able to SSH from the Win7 desktop to the CentOS VM using PuTTY, login & all other functions behave as expected; 

I've confirmed that webmin is running - the output of both the 'ps aux' and 'netstat -aon' commands show the expected output: 

[root at system ~]# ps aux | grep webmin 
root 11710 0.0 1.0 84572 19208 ? Ss 13:35 0:00 /usr/bin/perl /usr/libexec/webmin/miniserv.pl /etc/webmin/miniserv.conf 

[root at system ~]# netstat -aon | head -2; netstat -aon | grep 10000 
Active Internet connections (servers and established) 
Proto Recv-Q Send-Q Local Address Foreign Address State Timer 
tcp 0 0 0.0.0.0:10000 0.0.0.0:* LISTEN off (0.00/0/0) 
udp 0 0 0.0.0.0:10000 0.0.0.0:* off (0.00/0/0) 


I've edited the miniserv.conf configuration file & changed the 'port' and 'listen' parameters, then restarted webmin (/sbin/service webmin restart), that completed without issue - and when that was done, netstat correctly reported the new port listening; 

Re-trying with the browsers mentioned above (to the newly-changed port number) produced the same output; 

Completely disabled the Windows firewall, tried again, still no luck; 

Fired up the 'lynx' browser (ahhhh - memories of my first days on the internet!) within the CentOS VM, pointed it to the local system's port 10000, received output that appeared to be consistent with what I would expect (although I'm sure that lynx didn't format it as intended). 

So then I started wondering if I had a firewall active on the CentOS system - the output of the 'ps' command showed nothing for ipfw. I did find iptables active, so I stopped that using '/sbin/service iptables stop'. Testing at this point showed no change. 

At this point, I'm thinking that Webmin's probably working well enough on the VM, I'm just not able to *get* to it from the Win7 box, so I downloaded & installed the Windows port of nmap & strobed the VM from the Win7 machine (Intense scan, all TCP ports) - I'm including the relevant output below: 

SYN Stealth Scan Timing: About 54.23% done; ETC: 22:10 (0:01:17 remaining) 
Discovered open port 10000/tcp on <IP address> 

Interestingly (to me) it did NOT detect port 10000 during the initial 'SYN Stealth Scan' where it detected the open port 22 (SSH) and one other port. 


PORT STATE SERVICE VERSION 
10000/tcp open http MiniServ 1.620 (Webmin httpd) 
|_http-favicon: Unknown favicon MD5: 9A2006C267DE04E262669D821B57EAD1 
|_http-git: 0 
|_http-methods: No Allow or Public header in OPTIONS response (status code 200) 
| http-robots.txt: 1 disallowed entry 
|_/ 
|_http-title: Login to Webmin 
| ndmp-version: 
|_ ERROR: Failed to get host information from server 

To *me*, it still feels like there's a firewall in the mix somewhere (although the 'http-title: Login to Webmin' output above would *seem* to argue against that). Since I'm not too familiar with iptables, is it possible that it's still affecting the situation? What am I forgetting/overlooking? 

Thanks all. 

T. 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://cluedenver.org/pipermail/clue/attachments/20130209/34400808/attachment.html

More information about the clue mailing list