rejetto forum

[RISOLTO] Problema HFS su Windows Server 2012 R2

0 Members and 1 Guest are viewing this topic.

Offline Alexander

  • Occasional poster
  • *
    • Posts: 11
    • View Profile
Salve a tutti, sto usando l'ultima release di HFS, ma ho un problema spaventoso!
Su Windows Server 2012 R2 sembra non volerne sapere di funzionare.
Uso come DNS dinamico no-ip dove a casa mia non ho problemi collegandomi con un router sitecom e un dlink rispettivamente sulla porta 443.
Invece in studio ho un router telecom fibra (tecnicolor) dove dopo ore intere a provare, ho pensato... Sicuramente il router telecom fa schifo e ho notato che ha problemi nell'aprire le porte.. Cosi ho collegato a ponte un fritzbox 4020 ma..... risultato lo stesso.
Con il SELF TEST mi dice che la porta 80 non è aperta, la porta 443 idem.... Ma non è assolutamente vero.
L'unica cosa che mi viene da pensare è che non sia compatibile con  windows server? Le ho provate proprio tutte....
A casa mia non ho problemi con Windows 10

Come posso risolvere? Devo disattivare qualcosa nel router telecom che forse mi sta ancora facendo da filtro per il fritzbox messo in cascata nella WAN?
« Last Edit: December 08, 2016, 07:48:26 PM by Alexander »


Offline bmartino1

  • Tireless poster
  • ****
    • Posts: 911
  • I'm only trying to help i mean no offense.
    • View Profile
    • My HFS Google Drive Shared Link
HFS takes some fiddling to run on windows server editions, i have tested it, and it worked on server 2008 r2. I haven't tested any software of future server builds.

For starters
I would recommend, Stunnel, ngork/pagekite. it seems more like a networking issues, then the software.

i don't trust HFS self test, i would recommend a proxy site, or can you see me site that scans your ports.
http://www.canyouseeme.org/

-----------
Also i would recommend:
on a client PC, i would recommend trying to connect on the lan to make sure it is leaving the server pc. Before looking at the router issue you seem to be faceing. On teh cleint PC, i would also recomend a nmap" that way you can see what is open on the server.

as such, i would recommend you to this:
http://www.rejetto.com/forum/router-port-problems/some-router-info-for-newbies-or-not-so-newbies/msg1059916/#msg1059916
Files I have snagged and share can be found on my google drive:

https://drive.google.com/drive/folders/1qb4INX2pzsjmMT06YEIQk9Nv5jMu33tC?usp=sharing


Offline Alexander

  • Occasional poster
  • *
    • Posts: 11
    • View Profile
Grazie per la risposta. Per caso c'è bisogno di fare qualche altro passaggio nel collegamento di router a cascata?
Penso che il problema sia il router che non riesce ad aprire le porta TCP di HFS, perchè con un Router Atlantis sulla porta 5001 avevo ottenuto con successo in funzionamento di HFS su Windows Server.

Per caso c'è da fare qualche accorgimento quando si collegano due router in cascata?
Ho letto che bisogna aprire tutte e due le porte su entrambi i router.
Ad esempio vorrei utilizzare la 443 per HFS.

Quindi se ho capito bene, quando si colegano in cascata due router bisogna aprire su entrambi la porta 443? Ma se nel vecchio router le porte mi davano problemi, questo si reverserà anche sul router collegato alla WAN?

oppure abilitare il passthrough IP sul vecchio router, cosi che solo il router B collegato alla LAN abiliti le porte per conto suo escludendo il primo?. Ho la sensazione che sia il router A che non fa funzionare lo sblocco delle porte e quindi anche il router B non riesce ad aprirle. Però non ricordo se il technicolor della TIM ha questa opzione....

Qualche idea?


Offline LeoNeeson

  • Tireless poster
  • ****
    • Posts: 859
  • Status: On hiatus       (sporadically here)
    • View Profile
    • twitter.com/LeoNeeson
@Alexander: this happens because Windows Server grabs and uses TCP ports 80 and 443 by default. So, that's why you can't use those ports with HFS. You have to disable some Windows services make this work, like for example "Sync Share Service" and "Internet Information Server (IIS)" or other related services. This Google Search will help you.
HFS in Spanish (HFS en Español) / How to compile HFS (Tutorial)
» Currently taking a break, until HFS v2.4 get his stable version.


Offline Alexander

  • Occasional poster
  • *
    • Posts: 11
    • View Profile
LeoNess qualsiasi porta setto, non mi fa accedere, ho provato anche ad inserire porte diverse come la 400, 5000..... sempre lo stesso errore...


Offline bmartino1

  • Tireless poster
  • ****
    • Posts: 911
  • I'm only trying to help i mean no offense.
    • View Profile
    • My HFS Google Drive Shared Link
Ok, so this is a big network issues then,
dependent on the routers and how you want and have things talking to each other.

*you could use iptables(nat), or DMZ

when i have two daisy chained i usually separate the two routes subnet via dmz

so the main "isp" modem connects to first router(could be builtin), i dmz the last ip (ie 192.168.1.254) and the next router is set statically to the dmz (this way all other traffic from the first router is unable to talk to the DMZ..., all ports are open and now assigned to the next router for port forwards.

##########################
*easier to setup, but may stop communication to the server form router 1
so, i would recommend this setup, assuming that this will not impede what you require form the server PC.

internet > ISP modem > Router(builtin?) *dmz ip > *(static to dmz ip) router 2 > server PC

port forward required port in router 2, for access to hfs.


##############################

if DMZ is not what you want as it can impede on router 1 communication to server..., you will have to define ports to the router ( NAT/iptables setup)
(a pc on the internet will connect to port 80 to router 1), a lan pc will connect to port 5001 on router 2)
example setup defined ips:
router 1 lan ip: 192.168.1.1
router 2 public ip: 192.1698.1.254 > lan ip: 10.0.0.1
server ip: 10.0.0.254
hfs port set to 5001

internet > ISP Modem > Router1(can be build in) > router 2 > server pc

*HFS active and setup to port 5001 server is set to a static IP 10.0.0.254

source ip 10.0.0.254:50001 Website to a client pc connected to router 2 should be able to access hfs on port 5001
* Router 2, port forwards: starting port 5001 to ending port 5001
server should be accessible from router 2 lan via 10.0.0.254:5001 and available on router 1 via router 2 public ip of 192.168.1.254

* Router 1 port forwards: starting port 80 to ending port 50001
source ip 192.168.1.254:50001 Website to a a client pc connected to router 1 should be able to access hfs on port 5001

Pc on the internet to connect to your server

A pc outside your network on the internet should be able to access the HFS site via port 80 and your public ip: x.x.x.x:80

*(for simplicity if your ISP blocks ports, then change start port 80 to 5001 for both the start and ending ports as in router 2!...)
« Last Edit: December 04, 2016, 07:37:08 PM by bmartino1 »
Files I have snagged and share can be found on my google drive:

https://drive.google.com/drive/folders/1qb4INX2pzsjmMT06YEIQk9Nv5jMu33tC?usp=sharing


Offline LeoNeeson

  • Tireless poster
  • ****
    • Posts: 859
  • Status: On hiatus       (sporadically here)
    • View Profile
    • twitter.com/LeoNeeson
@Alexander: do you have any Firewall installed (or any other antivirus/antimalware/privacy suite installed)? Have you configured the Windows Firewall?

To open a port in Windows Firewall
1) On the Start menu, click Control Panel.
2) In Control Panel, click Network and Internet Connections, and then open Windows Firewall.
3) In Windows Firewall, click the Exceptions tab, and then click Add Port.
4) In the Add a Port dialog box, in the Name box, type HFS.
5) In the Port number box, type the port number.

Source: https://technet.microsoft.com/en-us/library/ms345310(v=sql.100).aspx
HFS in Spanish (HFS en Español) / How to compile HFS (Tutorial)
» Currently taking a break, until HFS v2.4 get his stable version.


Offline Alexander

  • Occasional poster
  • *
    • Posts: 11
    • View Profile
in the end I managed to solve. The problem was the crappy router of my operator (router a) that I connected in cascade with the Fritzbox. It acted as a filter ...
I solved this way.
I enabled the DMZ host by the router A in the Fritzbox (b router)
I have enabled the port 5001 in the router A, at 192.168.1.4 (where you connected the router B)
I enabled the Fritzbox the port 5001 in 192.168.178.10 (WServer 2012 r2, where the server and installed HFS) is connected

EVERYTHING WORKS AT LAST!
THANK YOU ALL!
« Last Edit: December 08, 2016, 07:50:55 PM by Alexander »