[clue] Can't connect to Webmin
David L. Willson
DLWillson at TheGeek.NU
Sun Feb 10 11:40:32 MST 2013
Please send the output of these:
getenforce
service iptables status
netstat -plant
Preferably, as gzip'd text, but I don't know whether the list tolerates attachments.
--
David L. Willson
Trainer, Engineer, Enthusiast
RHCE Network+ A+ Linux+ LPIC-1 Ubuntu
Mobile 720-333-LANS(5267)
This is a good time for a r3VOLution.
----- foo7775 at comcast.net wrote:
> Hi all,
>
> I've run into a bit of a puzzler while setting up a new server - or maybe it's just a "blind spot" that I'm not recognizing. The background is that I've recently bought a dual-Xeon system that I could use at home for playing around with virtualization. It's running ESXi 5.1, & currently has two virtual machines installed - a Windows Server 2012 Datacenter Edition (going to use that to learn all about that OS, as well as PowerShell) and a 2nd VM running CentOS 6.3. I have Webmin installed on the CentOS system, but I'm unable to connect to it from my desktop PC that's running Win7. The two machines are connected via an ordinary 10/100 Ethernet switch, no firewalls or other devices between. Here are the troubleshooting steps that I've taken so far:
>
> Attempted to connect using both http and https connections directed to port 10000, using both Firefox & IE9. Both time out, neither browser reports anything useful;
>
> Confirmed that the "virtual" network adapter within ESXi shows as 'Connected' & connects at power-on;
>
> I've tried pinging in both directions, each system is able to ping the other without issue (0-1ms latency);
>
> I am able to SSH from the Win7 desktop to the CentOS VM using PuTTY, login & all other functions behave as expected;
>
> I've confirmed that webmin is running - the output of both the 'ps aux' and 'netstat -aon' commands show the expected output:
>
> [root at system ~]# ps aux | grep webmin
> root 11710 0.0 1.0 84572 19208 ? Ss 13:35 0:00 /usr/bin/perl /usr/libexec/webmin/miniserv.pl /etc/webmin/miniserv.conf
>
> [root at system ~]# netstat -aon | head -2; netstat -aon | grep 10000
> Active Internet connections (servers and established)
> Proto Recv-Q Send-Q Local Address Foreign Address State Timer
> tcp 0 0 0.0.0.0:10000 0.0.0.0:* LISTEN off (0.00/0/0)
> udp 0 0 0.0.0.0:10000 0.0.0.0:* off (0.00/0/0)
>
>
> I've edited the miniserv.conf configuration file & changed the 'port' and 'listen' parameters, then restarted webmin (/sbin/service webmin restart), that completed without issue - and when that was done, netstat correctly reported the new port listening;
>
> Re-trying with the browsers mentioned above (to the newly-changed port number) produced the same output;
>
> Completely disabled the Windows firewall, tried again, still no luck;
>
> Fired up the 'lynx' browser (ahhhh - memories of my first days on the internet!) within the CentOS VM, pointed it to the local system's port 10000, received output that appeared to be consistent with what I would expect (although I'm sure that lynx didn't format it as intended).
>
> So then I started wondering if I had a firewall active on the CentOS system - the output of the 'ps' command showed nothing for ipfw. I did find iptables active, so I stopped that using '/sbin/service iptables stop'. Testing at this point showed no change.
>
> At this point, I'm thinking that Webmin's probably working well enough on the VM, I'm just not able to *get* to it from the Win7 box, so I downloaded & installed the Windows port of nmap & strobed the VM from the Win7 machine (Intense scan, all TCP ports) - I'm including the relevant output below:
>
> SYN Stealth Scan Timing: About 54.23% done; ETC: 22:10 (0:01:17 remaining)
> Discovered open port 10000/tcp on <IP address>
>
> Interestingly (to me) it did NOT detect port 10000 during the initial 'SYN Stealth Scan' where it detected the open port 22 (SSH) and one other port.
>
>
> PORT STATE SERVICE VERSION
> 10000/tcp open http MiniServ 1.620 (Webmin httpd)
> |_http-favicon: Unknown favicon MD5: 9A2006C267DE04E262669D821B57EAD1
> |_http-git: 0
> |_http-methods: No Allow or Public header in OPTIONS response (status code 200)
> | http-robots.txt: 1 disallowed entry
> |_/
> |_http-title: Login to Webmin
> | ndmp-version:
> |_ ERROR: Failed to get host information from server
>
> To *me*, it still feels like there's a firewall in the mix somewhere (although the 'http-title: Login to Webmin' output above would *seem* to argue against that). Since I'm not too familiar with iptables, is it possible that it's still affecting the situation? What am I forgetting/overlooking?
>
> Thanks all.
>
> T.
More information about the clue
mailing list