I have an application that creates an HTTP server on a random port (50000-59000) on "localhost". It tries to connect to this port afterwards to determine if everything was set up correctly and is ready to use.

This seems to work very well on most machines. It's written in C#.NET 4.0 for Windows XP and higher.

Now I have the problem that on one server at one customer the creation of the server seems to work, but it can't connect to it. Sadly we didn't get any information, as the exception details were not output by the software when it happened.

It works if the file is on a local disk. If they start it from a specific Windows network share, it stops working. I think that they have a special setting which causes this issue. But I don't know what could be the reason.

My Question:

Do you know of settings a system administrator could make that prevent software running as a normal user from connecting to a listening port that the program opened just a moment ago? Maybe group policy settings in Active Directory?

I've written a test program to try this again at our customer.

Pluto1010
  • Maybe Firewall? General computing questions can be asked in http://superuser.com/ – Sriram Sakthivel Apr 22 '15 at 14:46
  • Try enabling full trust for the network share. See this answer: http://stackoverflow.com/a/148898/266804 – Rush Frisby Apr 22 '15 at 14:49
  • Could be that the file share has to be added as a trusted location. Otherwise .NET Code Access Security may prevent the application from opening network ports. – Dirk Trilsbeek Apr 22 '15 at 14:49
  • Sounds like it is going into a time-wait state based on your comment *that the program has opened just a moment ago*. Run `netstat -a` and look for that. – Kit Apr 22 '15 at 14:50
  • Check if it is not "loopback check security feature" (https://support.microsoft.com/en-us/kb/896861/), may not apply to raw TCP connections, but does not hurt to verify. – Alexei Levenkov Apr 22 '15 at 14:57
  • You are not using the correct port number. They are reserved for "ephemeral ports", the ones used by a *listener* to connect to a server. – Hans Passant Apr 22 '15 at 15:25
  • Thank you for your responses so far! I have the order to try to make it work without the need to add a share manually to full trust. It could be difficult to do this on a large number of places around the world. They are using the software independently from our customer. So if they would need to add that with caspol.exe as FullTrust to run the application it could create a negative emotion about it. – Pluto1010 Apr 22 '15 at 18:01
  • Our users of the app can not do a "netstat -a" as they are not able to due to an enabled kiosk mode. They can't leave the application to do this. I would need to provide them a version configured to stay in windowed mode. – Pluto1010 Apr 22 '15 at 18:06
  • I thought I can use every port greater than 1024 for my services if it's free!? – Pluto1010 Apr 22 '15 at 18:07
  • Hmm.. a firewall blocking access to localhost from a local device? Maybe that's possible but I have very limited access to our real client computers as they are distributed around the world. :( – Pluto1010 Apr 22 '15 at 18:09
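
A loopback self-test of the kind the question describes, as an added example that is not the poster's test program: it listens on a random port in 50000-59000, connects back, and returns the exception details and the AppDomain trust level that the comments point at. `TcpListener` standing in for the application's HTTP server, and the `LoopbackSelfTest` name, are assumptions.

```csharp
using System;
using System.Net;
using System.Net.Sockets;
using System.Security;
using System.Text;

// Added example, not code from the original page. Targets .NET 4.0 / C# 4.
static class LoopbackSelfTest
{
    // Port range taken from the question. TcpListener is an assumption:
    // the page does not say which class the application's HTTP server uses.
    const int MinPort = 50000, MaxPort = 59000;

    static string Run()
    {
        var report = new StringBuilder();
        // False means the AppDomain is sandboxed (partial trust under CAS).
        report.AppendLine("Fully trusted: " + AppDomain.CurrentDomain.IsFullyTrusted);
        int port = new Random().Next(MinPort, MaxPort + 1);
        report.AppendLine("Port         : " + port);
        TcpListener listener = null;
        try
        {
            listener = new TcpListener(IPAddress.Loopback, port);
            listener.Start();
            report.AppendLine("Listen       : OK");
            using (var client = new TcpClient())
            {
                client.Connect(IPAddress.Loopback, port);
                report.AppendLine("Connect      : OK");
            }
        }
        catch (SocketException ex)
        {
            // SocketErrorCode separates refused, timed out, access denied, address in use.
            report.AppendLine("SocketException  : " + ex.SocketErrorCode + " (" + ex.ErrorCode + ") " + ex.Message);
        }
        catch (SecurityException ex)
        {
            // Raised when Code Access Security denies a permission such as SocketPermission.
            report.AppendLine("SecurityException: " + ex.PermissionType + " " + ex.Message);
        }
        finally { if (listener != null) listener.Stop(); }
        return report.ToString();
    }

    static void Main() { Console.WriteLine(Run()); }
}
```

Writing the returned report to a file next to the executable or showing it in a dialog keeps the details available on kiosk-mode machines where no console is visible.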
