Windows – How to find at which point the port is being blocked

Tags: firewall, networking, port, windows

I have a remote server running listening on a particular port.

Occasionally I get a scenario where suddenly a client cannot connect to the server on that port. It is a random issue where some other PCs can connect but 1 in 100 may be unable to connect.

The clients are Windows PCs, whereas the server is on Linux.

I have done the following to trace the error.

  1. Run netstat on the client to find if that port is in use. Netstat does not find any process using that port.

  2. Disabling Windows Firewall or any other firewalls. Again no luck here.

  3. Running portqry on the client PC, which shows that the port is FILTERED.

As I said, this only occurs on random clients; if I run portqry at the same time on another client, the port shows as LISTENING, so it seems something is going wrong on the client side.

So far the only solution I have found is a complete reinstall of the OS on the client side.

How do I figure out where exactly in the line from client to server the port is being blocked?

EDIT

I have tried the following things

  • ping works ok
  • tracert shows around 20 hops and ends successfully.
  • nmap shows port filtered but does a successful tracert.

Best Answer

portqry only shows the same problem as the client software being unable to connect.

I'm guessing your clients are using NAT? With some clients connecting while others can't, this pretty much rules out remote problems (as they're likely to use the same public IP). However, if you're using an egress IP pool this could very well be the problem when different IP addresses don't fit remote server access restriction.

The remote server/firewall might also be limiting the number of connections from a single IP address.

You'll need to check your access firewall/router for any problems. Can the clients in question ping the remote server? Access other servers normally? What does a tracert show? Is the firewall logging anything for these clients?

Possibly, a client reinstall just works because it takes a while and allows the problem to move elsewhere.

If you can reproduce the problem at one point I'd try Wireshark to find out who sends the port reset (and thus rejects the connection).
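As an added illustration of the answer's last point (this is example code, not part of the original question or answer): once a capture shows how the SYN was answered, the three outcomes the thread mentions (SYN-ACK = LISTENING, no reply = FILTERED, RST = rejected) can be told apart, and the IP TTL on a RST gives a rough hop distance to the device that sent it, which can be compared against the ~20 hops tracert reported to decide whether the server or something in between rejected the connection. The `Reply` values below are constructed, and the common initial-TTL set and the one-hop tolerance are assumptions.

```python
from dataclasses import dataclass
from typing import Optional

# Assumption: most stacks start the TTL at one of these (Linux/BSD 64, Windows 128,
# many routers/firewalls 255). The sender's hop distance is then initial - observed.
COMMON_INITIAL_TTLS = (64, 128, 255)


@dataclass
class Reply:
    """One reply packet to our SYN, as read off a Wireshark/tcpdump capture."""
    flags: str  # TCP flags, e.g. "SA" for SYN-ACK, "RA" for RST-ACK
    ttl: int    # IP TTL of the reply as it arrived at the client


def hops_from_ttl(ttl: int) -> int:
    """Estimate how many routers the reply crossed, using the nearest initial TTL above it."""
    initial = min(t for t in COMMON_INITIAL_TTLS if t >= ttl)
    return initial - ttl


def classify(reply: Optional[Reply], server_hops: int) -> str:
    """Explain the SYN outcome; server_hops is the hop count tracert reports to the server."""
    if reply is None:
        # Nothing came back at all: the SYN (or the answer) was dropped silently,
        # which is what portqry reports as FILTERED.
        return "FILTERED: no SYN-ACK and no RST, the SYN is being dropped silently"
    if "S" in reply.flags and "A" in reply.flags:
        return "LISTENING: server answered with SYN-ACK"
    if "R" in reply.flags:
        hops = hops_from_ttl(reply.ttl)
        # Assumption: allow one hop of slack, since initial TTL guesses are approximate.
        if hops < server_hops - 1:
            return (f"REJECTED by an intermediate device about {hops} hops away "
                    f"(server is {server_hops} hops away)")
        return (f"REJECTED by the server itself: RST came from about {hops} hops, "
                f"matching the {server_hops}-hop path")
    return f"UNEXPECTED reply with TCP flags {reply.flags!r}"


if __name__ == "__main__":
    # Constructed captures for a server that tracert puts 20 hops away.
    print(classify(None, 20))                 # FILTERED
    print(classify(Reply("SA", 44), 20))      # LISTENING (64 - 44 = 20 hops, as expected)
    print(classify(Reply("RA", 44), 20))      # RST from 20 hops: the server rejected it
    print(classify(Reply("RA", 252), 20))     # RST from 3 hops: a device near the client
```

The same distance check works for ICMP unreachable messages if a firewall rejects with those instead of a RST, since they carry an IP TTL too.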