<html><head><style type='text/css'>p { margin: 0; }</style></head><body><div style='font-family: Arial; font-size: 12pt; color: #000000'>Thanks for the response David! Fortunately, the output from the three commands you suggested is small/concise enough that an attachment isn't necessary:<br><br><font face="Courier New, courier, monaco, monospace, sans-serif"> [root@system ~]# getenforce<br> Enforcing<br> [root@system ~]# service iptables status<br> iptables: Firewall is not running.<br> [root@system ~]# netstat -plant<br> Active Internet connections (servers and established)<br> Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name<br> tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1145/rpcbind<br> tcp 0 0 0.0.0.0:10000 0.0.0.0:* LISTEN 16710/perl<br> tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1415/sshd<br> tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 1301/cupsd<br> tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1491/master<br> tcp 0 0 0.0.0.0:33566 0.0.0.0:* LISTEN 1163/rpc.statd<br> tcp 0 52 10.20.30.7:22 10.20.30.112:60931 ESTABLISHED 15622/sshd<br> tcp 0 0 :::111 :::* LISTEN 1145/rpcbind<br> tcp 0 0 :::22 :::* LISTEN 1415/sshd<br> tcp 0 0 ::1:631 :::* LISTEN 1301/cupsd<br> tcp 0 0 :::46359 :::* LISTEN 1163/rpc.statd<br> tcp 0 0 ::1:25 :::* LISTEN 1491/master<br> [root@system ~]#<br></font><br>So, it looks like SELinux could indeed be the culprit ('<font face="Courier New, courier, monaco, monospace, sans-serif">Enforcing</font>'). I'll review how to disable that, & then try again & post the results. (Ironically, that's one of the things that I want to "play with" & gain a better understanding of...)<br><br>Again, thanks for the help!<br><br>T.<br><hr id="zwchr"><b>From: </b>"David L. Willson" <DLWillson@TheGeek.NU><br><b>To: </b>"CLUE's mailing list" <clue@cluedenver.org><br><b>Sent: </b>Sunday, February 10, 2013 11:40:32 AM<br><b>Subject: </b>Re: [clue] Can't connect to Webmin<br><br>Please send the output of these:<br><br>getenforce<br>service iptables status<br>netstat -plant<br><br>Preferably, as gzip'd text, but I don't know whether the list tolerates attachments.<br><br>--<br>David L. Willson<br>Trainer, Engineer, Enthusiast<br>RHCE Network+ A+ Linux+ LPIC-1 Ubuntu<br>Mobile 720-333-LANS(5267)<br><br>This is a good time for a r3VOLution.<br><br>----- foo7775@comcast.net wrote:<br>> Hi all, <br>> <br>> I've run into a bit of a puzzler while setting up a new server - or maybe it's just a "blind spot" that I'm not recognizing. The background is that I've recently bought a dual-Xeon system that I could use at home for playing around with virtualization. It's running ESXi 5.1, & currently has two virtual machines installed - a Windows Server 2012 Datacenter Edition (going to use that to learn all about that OS, as well as PowerShell) and a 2nd VM running CentOS 6.3. I have Webmin installed on the CentOS system, but I'm unable to connect to it from my desktop PC that's running Win7. The two machines are connected via an ordinary 10/100 Ethernet switch, no firewalls or other devices between. Here are the troubleshooting steps that I've taken so far: <br>> <br>> Attempted to connect using both http and https connections directed to port 10000, using both Firefox & IE9. Both time out, neither browser reports anything useful; <br>> <br>> Confirmed that the "virtual" network adapter within ESXi shows as 'Connected' & connects at power-on; <br>> <br>> I've tried pinging in both directions, each system is able to ping the other without issue (0-1ms latency); <br>> <br>> I am able to SSH from the Win7 desktop to the CentOS VM using PuTTY, login & all other functions behave as expected; <br>> <br>> I've confirmed that webmin is running - the output of both the 'ps aux' and 'netstat -aon' commands show the expected output: <br>> <br>> [root@system ~]# ps aux | grep webmin <br>> root 11710 0.0 1.0 84572 19208 ? Ss 13:35 0:00 /usr/bin/perl /usr/libexec/webmin/miniserv.pl /etc/webmin/miniserv.conf <br>> <br>> [root@system ~]# netstat -aon | head -2; netstat -aon | grep 10000 <br>> Active Internet connections (servers and established) <br>> Proto Recv-Q Send-Q Local Address Foreign Address State Timer <br>> tcp 0 0 0.0.0.0:10000 0.0.0.0:* LISTEN off (0.00/0/0) <br>> udp 0 0 0.0.0.0:10000 0.0.0.0:* off (0.00/0/0) <br>> <br>> <br>> I've edited the miniserv.conf configuration file & changed the 'port' and 'listen' parameters, then restarted webmin (/sbin/service webmin restart), that completed without issue - and when that was done, netstat correctly reported the new port listening; <br>> <br>> Re-trying with the browsers mentioned above (to the newly-changed port number) produced the same output; <br>> <br>> Completely disabled the Windows firewall, tried again, still no luck; <br>> <br>> Fired up the 'lynx' browser (ahhhh - memories of my first days on the internet!) within the CentOS VM, pointed it to the local system's port 10000, received output that appeared to be consistent with what I would expect (although I'm sure that lynx didn't format it as intended). <br>> <br>> So then I started wondering if I had a firewall active on the CentOS system - the output of the 'ps' command showed nothing for ipfw. I did find iptables active, so I stopped that using '/sbin/service iptables stop'. Testing at this point showed no change. <br>> <br>> At this point, I'm thinking that Webmin's probably working well enough on the VM, I'm just not able to *get* to it from the Win7 box, so I downloaded & installed the Windows port of nmap & strobed the VM from the Win7 machine (Intense scan, all TCP ports) - I'm including the relevant output below: <br>> <br>> SYN Stealth Scan Timing: About 54.23% done; ETC: 22:10 (0:01:17 remaining) <br>> Discovered open port 10000/tcp on <IP address> <br>> <br>> Interestingly (to me) it did NOT detect port 10000 during the initial 'SYN Stealth Scan' where it detected the open port 22 (SSH) and one other port. <br>> <br>> <br>> PORT STATE SERVICE VERSION <br>> 10000/tcp open http MiniServ 1.620 (Webmin httpd) <br>> |_http-favicon: Unknown favicon MD5: 9A2006C267DE04E262669D821B57EAD1 <br>> |_http-git: 0 <br>> |_http-methods: No Allow or Public header in OPTIONS response (status code 200) <br>> | http-robots.txt: 1 disallowed entry <br>> |_/ <br>> |_http-title: Login to Webmin <br>> | ndmp-version: <br>> |_ ERROR: Failed to get host information from server <br>> <br>> To *me*, it still feels like there's a firewall in the mix somewhere (although the 'http-title: Login to Webmin' output above would *seem* to argue against that). Since I'm not too familiar with iptables, is it possible that it's still affecting the situation? What am I forgetting/overlooking? <br>> <br>> Thanks all. <br>> <br>> T. <br><br>_______________________________________________<br>clue mailing list: clue@cluedenver.org<br>For information, account preferences, or to unsubscribe see:<br>http://cluedenver.org/mailman/listinfo/clue<br></div></body></html>