logo
Welcome Guest! To enable all features please Login or Register.

Notification

Icon
Error

2 Pages12>
Options
Go to last post Go to first unread
bigdessert  
#1 Posted : Tuesday, October 28, 2014 4:49:16 PM(UTC)
bigdessert


Rank: Advanced Member

Medals: ScreenConnect Advisor: Focus Group MemberLevel 3: Shirt off your back! Received 25 Thanks!

Joined: 9/13/2010(UTC)
Posts: 707
Location: Minnesota

Thanks: 1 times
Was thanked: 44 time(s) in 32 post(s)
Is it possible to share the relay port with multiple installations?

Edited by user Tuesday, October 28, 2014 4:49:55 PM(UTC)  | Reason: Not specified

Jake  
#2 Posted : Wednesday, October 29, 2014 8:24:37 PM(UTC)
Jake


Rank: Administration

Medals: Level 4: Wise Old Owl! Received 100 Thanks!

Joined: 4/9/2010(UTC)
Posts: 2,061

Thanks: 1 times
Was thanked: 393 time(s) in 188 post(s)
In 5.0 we've added a hidden "ScreenConnect Router" service. To "install" it, simply go to registry HKLM/System/CurrentControlSet/Services and copy the "ScreenConnect Relay" key to a key "ScreenConnect Router". Then it'll appear as a start-able service (reboot required?).

It's configurable in the web.config:

Code:

<configuration>
 <configSections>
  <section name="screenconnect.routing" type="Elsinore.ScreenConnect.RoutingConfigurationHandler, Elsinore.ScreenConnect.Server" />
 </configSections>
 <screenconnect.routing>
  <listenUris>
   <listenUri>tcp://+:80/</listenUri>
   <listenUri>tcp://+:443/</listenUri>
  </listenUris>
  <rules>
   <rule schemeExpression="http" actionType="issueRedirect" actionData="https://$HOST/" />
   <rule schemeExpression="ssl" actionType="forwardPayload" actionData="https://localhost:8043/" />
   <rule schemeExpression="relay" actionType="forwardPayload" actionData="https://localhost:8041/" />
  </rules>
 </screenconnect.routing>
 <location path="Host.aspx">



    * The protocol in each listenUri is ignored (tcp is just specified as kind of a dummy value)
    * You can use "schemeExpression", "hostExpression", "portExpression", "pathExpression", and "queryExpression" for filtering... They are all regular expressions
    * You can substitute $SCHEME, $HOST, $PORT, $PATH, and $QUERY into actionData
    * You will see schemes "ssl", "http" and "relay" come through (we don't know that "ssl" is "https")
    * SSL will use SNI to parse the hostname out of the client hello handshake
    * This cannot share port/ips with IIS/HTTP.SYS, but it can forward data to IIS/HTTP.SYS
    * In the case above the ScreenConnect RelayListenUri was relay://+:8041/ and the WebServerRelayListenUri was https://+:8043/
    * You'll need RelayAddressableUri and WebServerAddressableUri entries
    * Your listenUri entries will likely specify distinct IPs so you don't have to bind on all adapters
    * We use this same method for our cloud hosting, but we have dynamic rules ... and we don't do forwardPayload with HTTPS; our web servers bind to the public hostname directly on 443

Edited by user Wednesday, October 29, 2014 8:25:08 PM(UTC)  | Reason: Not specified

ScreenConnect Team
bigdessert  
#3 Posted : Thursday, October 30, 2014 12:37:47 AM(UTC)
bigdessert


Rank: Advanced Member

Medals: ScreenConnect Advisor: Focus Group MemberLevel 3: Shirt off your back! Received 25 Thanks!

Joined: 9/13/2010(UTC)
Posts: 707
Location: Minnesota

Thanks: 1 times
Was thanked: 44 time(s) in 32 post(s)
Does this work on Linux installations?
Alexander  
#4 Posted : Friday, October 31, 2014 2:48:21 PM(UTC)
Alexander


Rank: Administration

Medals: Level 3: Shirt off your back! Received 25 Thanks!

Joined: 7/23/2013(UTC)
Posts: 712
Man
Location: Raleigh, NC

Was thanked: 66 time(s) in 63 post(s)
Yes; to enable it, edit /etc/init.d/screenconnect and replace 7 with 0 or 15 in the line:
Code:
mono "$screenconnectPath/Bin/Elsinore.ScreenConnect.Service.exe" startservices 7 "$signalPID" "$signalNumber" >> "$logFilePath" 2>&1 </dev/null &
ScreenConnect Team
bigdessert  
#5 Posted : Saturday, November 1, 2014 3:47:21 AM(UTC)
bigdessert


Rank: Advanced Member

Medals: ScreenConnect Advisor: Focus Group MemberLevel 3: Shirt off your back! Received 25 Thanks!

Joined: 9/13/2010(UTC)
Posts: 707
Location: Minnesota

Thanks: 1 times
Was thanked: 44 time(s) in 32 post(s)
I cannot get this to work on linux no matter how hard I try. Any suggestions?
Alexander  
#6 Posted : Monday, November 3, 2014 6:57:51 PM(UTC)
Alexander


Rank: Administration

Medals: Level 3: Shirt off your back! Received 25 Thanks!

Joined: 7/23/2013(UTC)
Posts: 712
Man
Location: Raleigh, NC

Was thanked: 66 time(s) in 63 post(s)
Hmm, can you be more specific? And what does your /var/log/screenconnect look like?
ScreenConnect Team
bigdessert  
#7 Posted : Tuesday, November 4, 2014 3:39:10 AM(UTC)
bigdessert


Rank: Advanced Member

Medals: ScreenConnect Advisor: Focus Group MemberLevel 3: Shirt off your back! Received 25 Thanks!

Joined: 9/13/2010(UTC)
Posts: 707
Location: Minnesota

Thanks: 1 times
Was thanked: 44 time(s) in 32 post(s)
here is my /var/log/screenconnect

Code:
Event (2014/11/04 03:36:37.426 +00:00, ScreenConnect Session Manager, Information): Starting service...
Event (2014/11/04 03:36:38.133 +00:00, ScreenConnect Session Manager, Information): Successfully started service.
Event (2014/11/04 03:36:38.133 +00:00, ScreenConnect Relay, Information): Starting service...
Event (2014/11/04 03:36:38.444 +00:00, ScreenConnect Relay, Information): Successfully started service.
Event (2014/11/04 03:36:38.444 +00:00, ScreenConnect Web Server, Information): Starting service...
Event (2014/11/04 03:36:48.201 +00:00, ScreenConnect Web Server, Information): Successfully started service.
Event (2014/11/04 03:36:48.201 +00:00, ScreenConnect Router, Information): Starting service...
Event (2014/11/04 03:36:48.510 +00:00, ScreenConnect Router, Information): Successfully started service.


Here is my section of the routers

Code:
<configSections>
<section name="screenconnect.routing" type="Elsinore.ScreenConnect.RoutingConfigurationHandler, Elsinore.ScreenC$
</configSections>
<screenconnect.routing>
<listenUris>
<listenUri>tcp://+:80/</listenUri>
<listenUri>tcp://+:443/</listenUri>
</listenUris>
<rules>
<rule schemeExpression="http" actionType="forwardPayload" actionData="http://localhost:8040/" />
<rule schemeExpression="ssl" actionType="forwardPayload" actionData="http://localhost:8040/" />
<rule schemeExpression="relay" actionType="forwardPayload" actionData="https://localhost:8041/" />
</rules>
</screenconnect.routing>


I also have the following in web.config

Code:
<add key="WebServerAddressableUri" value="http://198.58.122.106/"></add>
  <add key="RelayAddressableUri" value="relay://198.58.122.106:443/"></add>


If I run the exact same config on a windows machine it works perfectly.

Another thing to note is that when starting the service in linux I get a lot of mono processes spawned.

UserPostedImage

Edited by user Tuesday, November 4, 2014 3:52:12 AM(UTC)  | Reason: Not specified

bigdessert  
#8 Posted : Tuesday, November 4, 2014 4:04:49 AM(UTC)
bigdessert


Rank: Advanced Member

Medals: ScreenConnect Advisor: Focus Group MemberLevel 3: Shirt off your back! Received 25 Thanks!

Joined: 9/13/2010(UTC)
Posts: 707
Location: Minnesota

Thanks: 1 times
Was thanked: 44 time(s) in 32 post(s)
I can also see that the correct ports are listening.

UserPostedImage

Also to note, I did a tcpdump on port 80 and can see the traffic coming in. I can also tcpdump port 8040 but see none of that traffic. That tells me the actual routing is not working correctly.
Jake  
#9 Posted : Tuesday, November 4, 2014 11:13:57 PM(UTC)
Jake


Rank: Administration

Medals: Level 4: Wise Old Owl! Received 100 Thanks!

Joined: 4/9/2010(UTC)
Posts: 2,061

Thanks: 1 times
Was thanked: 393 time(s) in 188 post(s)
add this to your web.config to get some tracing:
Code:

<configuration>
  <system.diagnostics>
    <trace autoflush="true" />
    <sharedListeners>
      <add name="Listener" type="System.Diagnostics.ConsoleTraceListener" />
    </sharedListeners>
    <sources>
      <source name="Router" switchValue="All"><listeners><add name="Listener" /></listeners></source>
     </sources>
  </system.diagnostics>
...
ScreenConnect Team
Jake  
#10 Posted : Tuesday, November 4, 2014 11:18:25 PM(UTC)
Jake


Rank: Administration

Medals: Level 4: Wise Old Owl! Received 100 Thanks!

Joined: 4/9/2010(UTC)
Posts: 2,061

Thanks: 1 times
Was thanked: 393 time(s) in 188 post(s)

also, this won't work:

Code:
<rule schemeExpression="ssl" actionType="forwardPayload" actionData="http://localhost:8040/" />



... but it shouldn't adversely affect you because i assume you're testing the web with just http over port 80.
ScreenConnect Team
bigdessert  
#11 Posted : Wednesday, November 5, 2014 12:04:35 AM(UTC)
bigdessert


Rank: Advanced Member

Medals: ScreenConnect Advisor: Focus Group MemberLevel 3: Shirt off your back! Received 25 Thanks!

Joined: 9/13/2010(UTC)
Posts: 707
Location: Minnesota

Thanks: 1 times
Was thanked: 44 time(s) in 32 post(s)
I get this when adding the tracing section

Code:
Exception rethrown at [0]:
 ---> System.TypeInitializationException: An exception was thrown by the type initializer for Elsinore.ScreenConnect.TypeTrace`1 ---> System.Configuration.ConfigurationErrorsException: Error Initializing the configuration system. ---> System.Configuration.ConfigurationErrorsException: Unrecognized configuration section <configSections> (/opt/screenconnect/web.config line 11)
  at System.Configuration.ConfigInfo.ThrowException (System.String text, System.Xml.XmlReader reader) [0x00000] in <filename unknown>:0
  at System.Configuration.SectionGroupInfo.ReadContent (System.Xml.XmlReader reader, System.Configuration.Configuration config, Boolean overrideAllowed, Boolean root) [0x00000] in <filename unknown>:0
  at System.Configuration.SectionGroupInfo.ReadRootData (System.Xml.XmlReader reader, System.Configuration.Configuration config, Boolean overrideAllowed) [0x00000] in <filename unknown>:0
  at System.Configuration.Configuration.ReadConfigFile (System.Xml.XmlReader reader, System.String fileName) [0x00000] in <filename unknown>:0
  at System.Configuration.Configuration.Load () [0x00000] in <filename unknown>:0
  at System.Configuration.Configuration.Init (IConfigSystem system, System.String configPath, System.Configuration.Configuration parent) [0x00000] in <filename unknown>:0
  at System.Configuration.Configuration..ctor (System.Configuration.InternalConfigurationSystem system, System.String locationSubPath) [0x00000] in <filename unknown>:0
  at System.Configuration.InternalConfigurationFactory.Create (System.Type typeConfigHost, System.Object[] hostInitConfigurationParams) [0x00000] in <filename unknown>:0
  at System.Configuration.ConfigurationManager.OpenExeConfigurationInternal (ConfigurationUserLevel userLevel, System.Reflection.Assembly calling_assembly, System.String exePath) [0x00000] in <filename unknown>:0
  at System.Configuration.ClientConfigurationSystem.get_Configuration () [0x00000] in <filename unknown>:0
  --- End of inner exception stack trace ---
  at System.Configuration.ClientConfigurationSystem.get_Configuration () [0x00000] in <filename unknown>:0
  at System.Configuration.ClientConfigurationSystem.System.Configuration.Internal.IInternalConfigSystem.GetSection (System.String configKey) [0x00000] in <filename unknown>:0
  at System.Configuration.ConfigurationManager.GetSection (System.String sectionName) [0x00000] in <filename unknown>:0
  at System.Configuration.ConfigurationSettings.GetConfig (System.String sectionName) [0x00000] in <filename unknown>:0
  at System.Diagnostics.DiagnosticsConfiguration.get_Settings () [0x00000] in <filename unknown>:0
  at System.Diagnostics.TraceSource..ctor (System.String name, SourceLevels sourceLevels) [0x00000] in <filename unknown>:0
  at System.Diagnostics.TraceSource..ctor (System.String name) [0x00000] in <filename unknown>:0
  at Elsinore.ScreenConnect.DiagnosticsTraceSource..ctor (System.String name) [0x00000] in <filename unknown>:0
  at Elsinore.ScreenConnect.MonoToolkit.CreateTraceSource (System.String name) [0x00000] in <filename unknown>:0
  at Elsinore.ScreenConnect.TypeTrace`1[Elsinore.ScreenConnect.AppDomainServiceRoot]..cctor () [0x00000] in <filename unknown>:0
  --- End of inner exception stack trace ---
  at Elsinore.ScreenConnect.ServerExtensions.TypeTraceCurrentThreadStack[AppDomainServiceRoot] (Int32 stopAfterMillis, Int32 intervalMillis) [0x00000] in <filename unknown>:0
  at Elsinore.ScreenConnect.AppDomainServiceRoot..ctor () [0x00000] in <filename unknown>:0
  at Elsinore.ScreenConnect.ServiceHostWrapper`1[Elsinore.ScreenConnect.SessionManager]..ctor () [0x00000] in <filename unknown>:0
  at Elsinore.ScreenConnect.SessionManagerServiceHostWrapper..ctor () [0x00000] in <filename unknown>:0
  at (wrapper managed-to-native) System.Reflection.MonoCMethod:InternalInvoke (System.Reflection.MonoCMethod,object,object[],System.Exception&)
  at System.Reflection.MonoCMethod.Invoke (System.Object obj, BindingFlags invokeAttr, System.Reflection.Binder binder, System.Object[] parameters, System.Globalization.CultureInfo culture) [0x00000] in <filename unknown>:0
  --- End of inner exception stack trace ---
  at (wrapper xdomain-invoke) System.AppDomain:CreateInstance (string,string)
  at (wrapper remoting-invoke-with-check) System.AppDomain:CreateInstance (string,string)
  at Elsinore.ScreenConnect.AppDomainRootObjectConfigurationService.CreateAppDomainServiceRoot () [0x00000] in <filename unknown>:0
  at Elsinore.ScreenConnect.AppDomainServiceBase.StartServiceInternal () [0x00000] in <filename unknown>:0

Edited by user Wednesday, November 5, 2014 12:06:07 AM(UTC)  | Reason: Not specified

bigdessert  
#12 Posted : Wednesday, November 5, 2014 12:05:38 AM(UTC)
bigdessert


Rank: Advanced Member

Medals: ScreenConnect Advisor: Focus Group MemberLevel 3: Shirt off your back! Received 25 Thanks!

Joined: 9/13/2010(UTC)
Posts: 707
Location: Minnesota

Thanks: 1 times
Was thanked: 44 time(s) in 32 post(s)
Here is web.config

Code:
<configuration>
<system.diagnostics>
<trace autoflush="true" />
<sharedListeners>
<add name="Listener" type="System.Diagnostics.ConsoleTraceListener" />
</sharedListeners>
<sources>
<source name="Router" switchValue="All"><listeners><add name="Listener" /></listeners></source>
</sources>
</system.diagnostics>
<configSections>
<section name="screenconnect.routing" type="Elsinore.ScreenConnect.RoutingConfigurationHandler, Elsinore.ScreenConnect.Server" />
</configSections>
<screenconnect.routing>
<listenUris>
<listenUri>tcp://+:80/</listenUri>
<listenUri>tcp://+:443/</listenUri>
</listenUris>
<rules>
<rule schemeExpression="http" actionType="forwardPayload" actionData="http://198.58.122.106:8040/" />
<rule schemeExpression="ssl" actionType="forwardPayload" actionData="http://localhost:8040/" />
<rule schemeExpression="relay" actionType="forwardPayload" actionData="https://localhost:8041/" />
</rules>
</screenconnect.routing>
 <location path="Host.aspx">
  <appSettings>
   <add key="MaxLongestTicketReissueIntervalSeconds" value="86400"></add>
   <add key="MinAuthenticationFactorCount" value="0"></add>
   <add key="RestrictToIPs" value=""></add>
   <add key="BlockIPs" value=""></add>
  </appSettings>
 </location>
 <location path="Administration.aspx">
  <appSettings>
   <add key="MaxLongestTicketReissueIntervalSeconds" value="1800"></add>
   <add key="MinAuthenticationFactorCount" value="0"></add>
   <add key="RestrictToIPs" value=""></add>
   <add key="BlockIPs" value=""></add>
  </appSettings>
bigdessert  
#13 Posted : Wednesday, November 5, 2014 12:07:36 AM(UTC)
bigdessert


Rank: Advanced Member

Medals: ScreenConnect Advisor: Focus Group MemberLevel 3: Shirt off your back! Received 25 Thanks!

Joined: 9/13/2010(UTC)
Posts: 707
Location: Minnesota

Thanks: 1 times
Was thanked: 44 time(s) in 32 post(s)
Originally Posted by: Jake Go to Quoted Post

also, this won't work:

Code:
<rule schemeExpression="ssl" actionType="forwardPayload" actionData="http://localhost:8040/" />



... but it shouldn't adversely affect you because i assume you're testing the web with just http over port 80.


Yeah right now I am just trying to get port 80 working to start.
Alexander  
#14 Posted : Wednesday, November 5, 2014 12:31:04 AM(UTC)
Alexander


Rank: Administration

Medals: Level 3: Shirt off your back! Received 25 Thanks!

Joined: 7/23/2013(UTC)
Posts: 712
Man
Location: Raleigh, NC

Was thanked: 66 time(s) in 63 post(s)
In the web.config, the configSections element has to be the first child element of the configuration element.
ScreenConnect Team
bigdessert  
#15 Posted : Wednesday, November 5, 2014 12:36:38 AM(UTC)
bigdessert


Rank: Advanced Member

Medals: ScreenConnect Advisor: Focus Group MemberLevel 3: Shirt off your back! Received 25 Thanks!

Joined: 9/13/2010(UTC)
Posts: 707
Location: Minnesota

Thanks: 1 times
Was thanked: 44 time(s) in 32 post(s)
Originally Posted by: Alexander Go to Quoted Post
In the web.config, the configSections element has to be the first child element of the configuration element.


Got it moved and working. Here is what it shows.

Code:
Router Information: 0 : Parsed original URI 'http://198.58.122.106/' out of 366 byte handshake
Router Information: 0 : Using rule to process URI: http://198.58.122.106/
Router Information: 0 : Performing action ForwardPayload 'http://localhost:8040/'...
Router Information: 0 : Parsed original URI 'http://198.58.122.106/' out of 366 byte handshake
Router Information: 0 : Using rule to process URI: http://198.58.122.106/
Router Information: 0 : Performing action ForwardPayload 'http://localhost:8040/'...
Router Information: 0 : Parsed original URI 'http://198.58.122.106/' out of 366 byte handshake
Router Information: 0 : Using rule to process URI: http://198.58.122.106/
Router Information: 0 : Performing action ForwardPayload 'http://localhost:8040/'...
Jake  
#16 Posted : Wednesday, November 5, 2014 3:20:54 AM(UTC)
Jake


Rank: Administration

Medals: Level 4: Wise Old Owl! Received 100 Thanks!

Joined: 4/9/2010(UTC)
Posts: 2,061

Thanks: 1 times
Was thanked: 393 time(s) in 188 post(s)
So everything is working?
ScreenConnect Team
bigdessert  
#17 Posted : Wednesday, November 5, 2014 3:34:18 AM(UTC)
bigdessert


Rank: Advanced Member

Medals: ScreenConnect Advisor: Focus Group MemberLevel 3: Shirt off your back! Received 25 Thanks!

Joined: 9/13/2010(UTC)
Posts: 707
Location: Minnesota

Thanks: 1 times
Was thanked: 44 time(s) in 32 post(s)
nope, nothing works.....
Alexander  
#18 Posted : Thursday, November 6, 2014 5:18:30 PM(UTC)
Alexander


Rank: Administration

Medals: Level 3: Shirt off your back! Received 25 Thanks!

Joined: 7/23/2013(UTC)
Posts: 712
Man
Location: Raleigh, NC

Was thanked: 66 time(s) in 63 post(s)
All right, it turns out there's a bug in mono that stops this from working. At first we thought we could just pull in a fix, but it turned out to not be that simple, so for now the router just works on Windows.
ScreenConnect Team
bigdessert  
#19 Posted : Friday, November 7, 2014 12:05:23 AM(UTC)
bigdessert


Rank: Advanced Member

Medals: ScreenConnect Advisor: Focus Group MemberLevel 3: Shirt off your back! Received 25 Thanks!

Joined: 9/13/2010(UTC)
Posts: 707
Location: Minnesota

Thanks: 1 times
Was thanked: 44 time(s) in 32 post(s)
Well thats a BIG bummer!
marktoo  
#20 Posted : Thursday, April 23, 2015 7:53:27 PM(UTC)
marktoo


Rank: Advanced Member

Medals: Level 1: Random Act of Kindness! Received One Thanks!

Joined: 3/29/2015(UTC)
Posts: 99
United States
Location: Metro DC

Thanks: 27 times
Was thanked: 8 time(s) in 7 post(s)
First a "shout out" to Steven Dove from ScreenConnect Support in Florida. He pointed me in the direction of this post in order to solve an issue I had brought to his attention. He was very helpful and was willing to spend the time necessary to assist with implementing this resolution in our environment. Great customer service... made me feel like the success of our business is important to the team at ScreenConnect!

Anyway, we ran into an issue this past weekend where all of the ScreenConnect services (including the new ScreenConnect Router service) terminated unexpectedly and did not restart. Thus... nothing was able to reach our ScreenConnect until the services were restarted.

After poking around through the Event Logs it appeared that the cause of the services shutdown was related to the ScreenConnect Router service. I contacted Steven through our earlier ticket to request assistance.

It turns out that Steven experienced the same thing on one of his "test" systems within a 1/2 hour of when our installation shut down:

Quote:
Thanks for the reply. Looking at the server I setup, I had the same thing happen this weekend about 20 minutes before yours. I'm going to create a new ticket and send that up to our development team to get more insight on what might have caused the problem. Please let us know if it happens again!


So... since this hidden feature was introduced here on the forum, the development team asked that I post the issue on the forum in order that it might be supported. Ok... no problem, here goes:

Anyway, this past Sunday morning I was unable to connect to our ScreenConnect portal. So, I logged into the ScreenConnect server and found that all of the ScreenConnect services were not running. It appears as if they were all terminated at 4:51am…

Here is a screenshot of an applicable section of the Application log from Event Viewer:

Application Log

Event 1325 mentions a problem that contains the “Elsinore.ScreenConnect.Router”...

Quote:
Log Name: Application
Source: ASP.NET 4.0.30319.0
Date: 4/19/2015 4:51:30 AM
Event ID: 1325
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: SCREENCONNECT
Description:
The description for Event ID 1325 from source ASP.NET 4.0.30319.0 cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.

If the event originated on another computer, the display information had to be saved with the event.

The following information was included with the event:

An unhandled exception occurred and the process was terminated.

Application ID: ConfigurationRouter-0003

Process ID: 1304

Exception: System.UriFormatException

Message: Invalid URI: The hostname could not be parsed.

StackTrace: at System.Uri.CreateThis(String uri, Boolean dontEscape, UriKind uriKind)
at System.Uri..ctor(String uriString)
at System.UriBuilder.get_Uri()
at Elsinore.ScreenConnect.Router.HttpHandshakeProcessor.ProcessHandshakeData(IPEndPoint localEndPoint, IPEndPoint remoteEndPoint, ArraySegment`1 mutableHandshakeData)
at Elsinore.ScreenConnect.Router.<>c__DisplayClass1d.<ProcessHandshakeAsync>b__1a(HandshakeProcessor hp)
at System.Linq.Enumerable.WhereSelectArrayIterator`2.MoveNext()
at System.Linq.Enumerable.WhereEnumerableIterator`1.MoveNext()
at System.Linq.Enumerable.FirstOrDefault[TSource](IEnumerable`1 source)
at Elsinore.ScreenConnect.Router.ProcessHandshakeAsync(IPEndPoint localEndPoint, IPEndPoint remoteEndPoint, ArraySegment`1 mutableHandshakeData, Proc`2 proc)
at Elsinore.ScreenConnect.Router.<>c__DisplayClass24.<ProcessAcceptedSocket>b__20()
at Elsinore.ScreenConnect.SocketAsyncExecutor.<.ctor>b__0(Object , SocketAsyncEventArgs )
at System.Net.Sockets.SocketAsyncEventArgs.OnCompleted(SocketAsyncEventArgs e)
at System.Net.Sockets.SocketAsyncEventArgs.ExecutionCallback(Object ignored)
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
at System.Net.Sockets.SocketAsyncEventArgs.FinishOperationSuccess(SocketError socketError, Int32 bytesTransferred, SocketFlags flags)
at System.Net.Sockets.SocketAsyncEventArgs.CompletionPortCallback(UInt32 errorCode, UInt32 numBytes, NativeOverlapped* nativeOverlapped)
at System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32 errorCode, UInt32 numBytes, NativeOverlapped* pOVERLAP)


Also, the System log shows:

System Log

So, since it looks like the shutdown of our SC services may have had something to do with the ScreenConnect Router service I have attached the details of the above events in two .txt files in the reply to the ticket that Steven worked on for your viewing pleasure… It should be on file in the SC ticketing system.

This is the first time that this has happened, but… I just want to make sure that if something is misconfigured or there is a glitch in the “router” that we are able to resolve it so that it doesn’t happen again.

Let me know if you need any further info. Thanks for your help!
Alexander  
#21 Posted : Friday, April 24, 2015 5:15:37 PM(UTC)
Alexander


Rank: Administration

Medals: Level 3: Shirt off your back! Received 25 Thanks!

Joined: 7/23/2013(UTC)
Posts: 712
Man
Location: Raleigh, NC

Was thanked: 66 time(s) in 63 post(s)
All right, we've added handling to keep it from crashing; chances are it's just a malformed header or something. That'll be in the next 5.3 prerelease.
ScreenConnect Team
marktoo  
#22 Posted : Friday, April 24, 2015 8:14:55 PM(UTC)
marktoo


Rank: Advanced Member

Medals: Level 1: Random Act of Kindness! Received One Thanks!

Joined: 3/29/2015(UTC)
Posts: 99
United States
Location: Metro DC

Thanks: 27 times
Was thanked: 8 time(s) in 7 post(s)
Excellent, thanks Alexander!
marktoo  
#23 Posted : Saturday, June 20, 2015 5:41:22 PM(UTC)
marktoo


Rank: Advanced Member

Medals: Level 1: Random Act of Kindness! Received One Thanks!

Joined: 3/29/2015(UTC)
Posts: 99
United States
Location: Metro DC

Thanks: 27 times
Was thanked: 8 time(s) in 7 post(s)
After upgrading from 5.2.8724 to 5.3.9074 the "ScreenConnect Router" service would no longer start. Here is what I did to fix the issue:

In REGEDIT...

HKLM\SYSTEM\CurrentControlSet\Services\ScreenConnect Router

MODIFY "ImagePath"

from: "C:\Program Files (x86)\ScreenConnect\Bin\Elsinore.ScreenConnect.Service.exe"

to: "C:\Program Files (x86)\ScreenConnect\Bin\ScreenConnect.Service.exe"

(Bottom line: remove "Elsinore.")

Hope this info is helpful to someone!

Mark
thanks 1 user thanked marktoo for this useful post.
oneboise on 7/21/2015(UTC)
CameronT  
#24 Posted : Tuesday, July 28, 2015 4:44:25 PM(UTC)
CameronT


Rank: Newbie

Joined: 7/28/2015(UTC)
Posts: 5
United States
Location: Indianapolis, IN

Thanks: 10 times
First off if it's a no no to post a reply to this since it's been so long and I need to open a new one please let me know.


So I installed ScreenConnect about a month ago on my Windows 8.1 computer and for the most part everything has been working great. I however have a few computers where it has the slowest connection in the world to when trying to use SC relay over port 8041. Not sure if that is the issue but the ScreenConnect support logged in to the computer using port 443 and it seemed to be working just fine for them. I have SSL set up with my installation and I also have all port 80 traffic redirected directly to port 443 so that if someone forgets the https they don't get a connection error. I would like to use the screenconnect router/shared relay function in order to set up the relay on 443 as well. I've tried following the instructions in this forum and every time I do it breaks my installs and I have to delete the new code I added in order to get everything working again. I also will of course need to change the current unattended clients via a remote reinstall to the new relay port and not lose them. I have about 260+ computers on unattended access right now and it would be a real big pain in the butt to have to add everyone again without just simply hitting the reinstall from directly inside of SC. Hopefully this is enough information. Please let me know if any more information is required.
Alexander  
#25 Posted : Tuesday, July 28, 2015 8:22:19 PM(UTC)
Alexander


Rank: Administration

Medals: Level 3: Shirt off your back! Received 25 Thanks!

Joined: 7/23/2013(UTC)
Posts: 712
Man
Location: Raleigh, NC

Was thanked: 66 time(s) in 63 post(s)
Hmm, when it "breaks your installs", do you see any sort of error message? Anything ScreenConnect-related in the Windows Event Log?

You could add some tracing (mostly the same as earlier in the thread, but slightly different for Windows instead of Mono):
Code:
<configuration>
<system.diagnostics>
<trace autoflush="true" />
<sharedListeners>
<add name="Listener" type="System.Diagnostics.TextWriterTraceListener" initializeData="trace.log" />
</sharedListeners>
<sources>
<source name="Router" switchValue="All"><listeners><add name="Listener" /></listeners></source>
</sources>
</system.diagnostics>
...



As for changing the unattended clients to call back to the new port, we have a help article about that.
ScreenConnect Team
CameronT  
#26 Posted : Monday, August 3, 2015 2:26:11 PM(UTC)
CameronT


Rank: Newbie

Joined: 7/28/2015(UTC)
Posts: 5
United States
Location: Indianapolis, IN

Thanks: 10 times
Where do the error messages get logged? I am going to try to work on this today more if I can but I've been very busy lately and can hopefully accomplish this soon.
Alexander  
#27 Posted : Monday, August 3, 2015 4:03:52 PM(UTC)
Alexander


Rank: Administration

Medals: Level 3: Shirt off your back! Received 25 Thanks!

Joined: 7/23/2013(UTC)
Posts: 712
Man
Location: Raleigh, NC

Was thanked: 66 time(s) in 63 post(s)
They get logged to trace.log (which you probably want to change to be an absolute path, since I'm not actually sure where that would end up).

Another option would be to run the services interactively, which will create a window that you can right click on to enable tracing and is also where the messages will appear:
start C:\…\Bin\ScreenConnect.Service.exe interactive
ScreenConnect Team
jeffshead  
#28 Posted : Tuesday, October 27, 2015 11:58:09 PM(UTC)
jeffshead


Rank: Member

Joined: 10/22/2015(UTC)
Posts: 20
United States

Thanks: 1 times
I contacted SC support and requested help with setting up the "hidden" router functionality but I was told it's not officially supported and that I need to ask for help in the forum! So here I am.

I have a Windows 2008 R2 server with SC and the Apache webserver installed. I currently have SC webserver listening on port 443 and the relay listening on port 80 of the same IP address. Apache web server is listening on ports 80 and 443 of all other IP addresses that are setup on this server.

I want to share the same IP address with the SC webserver and relay and use port 443 for both. I would also like to have the SC webserver HTTP traffic automatically redirected to HTTPS.

Below is what I currently have in web.config:
Code:

<add key="WebServerListenUri" value="https://sc.mysite.com:443/" />
<add key="RelayListenUri" value="relay://10.0.0.2:80/" />


Can someone, who has accomplished this, please share their redacted settings with me?

Thanks,

Jeff

Edited by user Friday, October 30, 2015 10:39:23 AM(UTC)  | Reason: Not specified

marktoo  
#29 Posted : Friday, October 30, 2015 12:58:26 PM(UTC)
marktoo


Rank: Advanced Member

Medals: Level 1: Random Act of Kindness! Received One Thanks!

Joined: 3/29/2015(UTC)
Posts: 99
United States
Location: Metro DC

Thanks: 27 times
Was thanked: 8 time(s) in 7 post(s)
jeffshead,

If I get time soon I'll check into this for you... been busy. It is unfortunate that support won't help with this.
marktoo  
#30 Posted : Friday, October 30, 2015 1:34:38 PM(UTC)
marktoo


Rank: Advanced Member

Medals: Level 1: Random Act of Kindness! Received One Thanks!

Joined: 3/29/2015(UTC)
Posts: 99
United States
Location: Metro DC

Thanks: 27 times
Was thanked: 8 time(s) in 7 post(s)
Ok. I found some notes that we made (I'm glad we made them because it would have been difficult to remember the procedure!).

DISCLAIMER: These are the notes of what worked for us. Your mileage may vary... And... my notes may be incomplete (though I hope not).

That said, here is a (best effort) recap of what we did to get it working. I hope you find it helpful:

Copied the existing SSL Cert from 443 to 8043 (you will need to do this when replacing the cert as well).

To get Cert Hash for SSL on 443, run "netsh http show sslcert" and note the hash.

To remove a Cert from a port: "netsh http delete sslcert ipport=0.0.0.0:{portnumber}" where {portnumber} is the port.

To add a Cert to a port on Windows 7+ or Server 2008 R2 +: "netsh http add sslcert ipport=0.0.0.0:{portnumber} certhash:{certhash} appid={00000000-0000-0000-0000-000000000000}" where certhash is the certificate hash from the first step, or the fingerprint from certificate manager.

Next, we added the following to web.config (after backing it up) between <configuration> and <location path="Host.aspx">

<configSections>
<section name="screenconnect.routing" type="ScreenConnect.RoutingConfigurationHandler, ScreenConnect.Server" />
</configSections>
<screenconnect.routing>
<listenUris>
<listenUri>tcp://+:80/</listenUri>
<listenUri>tcp://+:443/</listenUri>
</listenUris>
<rules>
<rule schemeExpression="http" actionType="issueRedirect" actionData="https://$HOST/" />
<rule schemeExpression="ssl" actionType="forwardPayload" actionData="https://localhost:8043/" />
<rule schemeExpression="relay" actionType="forwardPayload" actionData="https://localhost:8041/" />
</rules>
</screenconnect.routing>

we also changed these web.config appsettings:
<add key="WebServerListenUri" value="https://+:443/" />
<add key="RelayListenUri" value="relay://+:80/" />

to this:
<add key="WebServerListenUri" value="https://+:8043/" />
<add key="WebServerAddressableUri" value="https://support.yourdomain.com/" />
<add key="RelayListenUri" value="relay://+:8041/" />
<add key="RelayAddressableUri" value="relay://support.yourdomain.com:443/" />


We also created the "ScreenConnect Router" service by exporting the ScreenConnect Relay service in the Registry (HKLM\SYSTEM\CurrentControlSet\Services\ScreenConnect Relay) and then modifying the .reg file changing the two "Relay" entries into "Router" then saved and imported that registry entry into the registry and rebooted the server.

The last step to getting it all working was the Windows Firewall - we had to ensure that Edge Transversal was allowed for the SC ports in the firewall. We added new Windows Firewall entries for this to ensure that ScreenConnect would not change these values when it's services were restarted. The ports used are 80 and 443 for traffic to hit the server, and 8041 and 8043 for traffic to itself (which is seen as unsolicited routed traffic, requiring Edge Transversal).

Tested it all working both internally and externally. Of course the clients trying to connect over port 80 and are failing are still going to fail and will require manual re-installation of a freshly downloaded unattended client installer - but we tested the relay working over both port 443, and port 80 with existing clients already able to connect.

Mark

thanks 1 user thanked marktoo for this useful post.
pstatho on 10/25/2016(UTC)
Alexander  
#31 Posted : Friday, October 30, 2015 2:10:15 PM(UTC)
Alexander


Rank: Administration

Medals: Level 3: Shirt off your back! Received 25 Thanks!

Joined: 7/23/2013(UTC)
Posts: 712
Man
Location: Raleigh, NC

Was thanked: 66 time(s) in 63 post(s)
Originally Posted by: marktoo Go to Quoted Post
Of course the clients trying to connect over port 80 and are failing are still going to fail and will require manual re-installation of a freshly downloaded unattended client installer


You should be able to prevent that by adding RelayAddressableUri first: see this help page.
ScreenConnect Team
jeffshead  
#32 Posted : Saturday, October 31, 2015 1:48:22 AM(UTC)
jeffshead


Rank: Member

Joined: 10/22/2015(UTC)
Posts: 20
United States

Thanks: 1 times
@Mark, thanks so very much for taking the time to share that information :-)

Unfortunately, even after following your instructions to the letter, it's not working. I cannot access the web page using https://support.mysite.com. I have to use https://support.mysite.com:8043

Code:

Router Information: 0 : Parsed original URI 'ssl://support.mysite.com/' out of 185 byte handshake
Router Information: 0 : Using rule to process URI: ssl://support.mysite.com/
Router Information: 0 : Performing action ForwardPayload 'https://localhost:8043/'...
Router Information: 0 : Parsed original URI 'ssl://support.mysite.com/' out of 185 byte handshake
Router Information: 0 : Using rule to process URI: ssl://support.mysite.com/
Router Information: 0 : Performing action ForwardPayload 'https://localhost:8043/'...
Router Warning: 0 : Error connecting to echo end point '127.0.0.1:8043'
Router Warning: 0 : Error connecting to echo end point '127.0.0.1:8043'
Router Information: 0 : Parsed original URI 'ssl://support.mysite.com/' out of 133 byte handshake
Router Information: 0 : Using rule to process URI: ssl://support.mysite.com/
Router Information: 0 : Performing action ForwardPayload 'https://localhost:8043/'...
Router Information: 0 : Parsed original URI 'ssl://support.mysite.com/' out of 133 byte handshake
Router Information: 0 : Using rule to process URI: ssl://support.mysite.com/
Router Information: 0 : Performing action ForwardPayload 'https://localhost:8043/'...
Router Warning: 0 : Error connecting to echo end point '127.0.0.1:8043'
Router Warning: 0 : Error connecting to echo end point '127.0.0.1:8043'
Router Warning: 0 : Unable to parse URI from 58 byte handshake after using 3 parsers
Router Information: 0 : Performing action None ''...
Router Warning: 0 : Unable to parse URI from 58 byte handshake after using 3 parsers
Router Information: 0 : Performing action None ''...


Any ideas?


UPDATE:

I think I got it working.

I changed from:
Code:

<rule schemeExpression="ssl" actionType="forwardPayload" actionData="https://localhost:8043/" />
<rule schemeExpression="relay" actionType="forwardPayload" actionData="https://localhost:8041/" />

To:
Code:

<rule schemeExpression="ssl" actionType="forwardPayload" actionData="https://10.0.0.2:8043/" />
<rule schemeExpression="relay" actionType="forwardPayload" actionData="https://10.0.0.2:8041/" />


I don't know why "localhost" doesn't work. Does anyone think using the local IP address of the server instead of "localhost" will cause any negative side effects?

Edited by user Saturday, October 31, 2015 2:32:19 AM(UTC)  | Reason: Not specified

marktoo  
#33 Posted : Thursday, November 5, 2015 5:37:22 PM(UTC)
marktoo


Rank: Advanced Member

Medals: Level 1: Random Act of Kindness! Received One Thanks!

Joined: 3/29/2015(UTC)
Posts: 99
United States
Location: Metro DC

Thanks: 27 times
Was thanked: 8 time(s) in 7 post(s)
jeffshead,

Glad it's working for you!

Mark
marktoo  
#34 Posted : Friday, January 22, 2016 8:15:40 PM(UTC)
marktoo


Rank: Advanced Member

Medals: Level 1: Random Act of Kindness! Received One Thanks!

Joined: 3/29/2015(UTC)
Posts: 99
United States
Location: Metro DC

Thanks: 27 times
Was thanked: 8 time(s) in 7 post(s)
Update:

The "ScreenConnect Router" service appears to still be functioning properly after updating to 5.5.10194.

(In case anyone is interested...)
Steven  
#35 Posted : Wednesday, August 17, 2016 6:12:50 PM(UTC)
Steven


Rank: Administration

Medals: Level 1: Random Act of Kindness! Received One Thanks!

Joined: 5/1/2015(UTC)
Posts: 53
United States
Location: Tampa, FL

Was thanked: 12 time(s) in 8 post(s)
When upgrading this setup to version 6.0, you will get an error mid-upgrade that says it can't start the services citing your permissions as a potential cause. The problem is the 6.0 installer is putting two new location settings in at the to of the web.config file, and the <configSections> tag needs to be the first tag after <configuration> for it to work. To resolve this, open the web.config file mid-upgrade (while you have the option to retry or cancel) and then just move sections needed back to the top of the file, just after the first tag, then save and click 'retry' on the installer.
ScreenConnect Team
thanks 1 user thanked Steven for this useful post.
marktoo on 8/18/2016(UTC)
marktoo  
#36 Posted : Thursday, August 18, 2016 12:24:06 AM(UTC)
marktoo


Rank: Advanced Member

Medals: Level 1: Random Act of Kindness! Received One Thanks!

Joined: 3/29/2015(UTC)
Posts: 99
United States
Location: Metro DC

Thanks: 27 times
Was thanked: 8 time(s) in 7 post(s)
Originally Posted by: Steven Go to Quoted Post
When upgrading this setup to version 6.0, you will get an error mid-upgrade that says it can't start the services citing your permissions as a potential cause. The problem is the 6.0 installer is putting two new location settings in at the to of the web.config file, and the <configSections> tag needs to be the first tag after <configuration> for it to work. To resolve this, open the web.config file mid-upgrade (while you have the option to retry or cancel) and then just move sections needed back to the top of the file, just after the first tag, then save and click 'retry' on the installer.


Thanks for proactively posting this workaround Steven... I'm sure it will save us lots of time and frustration when we update to 6.0!

Mark

Alexander  
#37 Posted : Thursday, August 18, 2016 9:06:10 PM(UTC)
Alexander


Rank: Administration

Medals: Level 3: Shirt off your back! Received 25 Thanks!

Joined: 7/23/2013(UTC)
Posts: 712
Man
Location: Raleigh, NC

Was thanked: 66 time(s) in 63 post(s)
We just put in a fix for this, so 6.1 and potentially any additional releases of 6.0 should be able to upgrade smoothly even with <configSections>.
ScreenConnect Team
thanks 1 user thanked Alexander for this useful post.
marktoo on 8/19/2016(UTC)
marktoo  
#38 Posted : Friday, August 19, 2016 1:42:16 PM(UTC)
marktoo


Rank: Advanced Member

Medals: Level 1: Random Act of Kindness! Received One Thanks!

Joined: 3/29/2015(UTC)
Posts: 99
United States
Location: Metro DC

Thanks: 27 times
Was thanked: 8 time(s) in 7 post(s)
Originally Posted by: Alexander Go to Quoted Post
We just put in a fix for this, so 6.1 and potentially any additional releases of 6.0 should be able to upgrade smoothly even with <configSections>.


Good to know, thanks Alexander!

Mark

st1172  
#39 Posted : Thursday, October 20, 2016 1:16:34 PM(UTC)
st1172


Rank: Newbie

Medals: Level 1: Random Act of Kindness! Received One Thanks!

Joined: 4/7/2015(UTC)
Posts: 6

Was thanked: 2 time(s) in 1 post(s)
I have what I believe to be some odd ScreenConnect Router behavior. Running Windows Server 2008 R2 and coexisting with IIS. I have one IP for IIS and one for SC. All bindings behave correctly except port 8043. Port 8043 seems to want to bind to the IIS IP regardless of web.config settings. When I direct the rule referring to 8043 to the IIS IP, everything works as expected. Netstat shows only the IIS IP listening to port 8043. Perhaps this is expected? If not, what steps may I take to troubleshoot / correct it?

Edited by user Friday, October 21, 2016 3:34:07 AM(UTC)  | Reason: Not specified

Alexander  
#40 Posted : Tuesday, October 25, 2016 3:22:24 PM(UTC)
Alexander


Rank: Administration

Medals: Level 3: Shirt off your back! Received 25 Thanks!

Joined: 7/23/2013(UTC)
Posts: 712
Man
Location: Raleigh, NC

Was thanked: 66 time(s) in 63 post(s)
Hmm, could you post your web.config settings or netstat output? Perhaps that will give us a better idea of what's going on.
ScreenConnect Team
st1172  
#41 Posted : Tuesday, October 25, 2016 4:09:48 PM(UTC)
st1172


Rank: Newbie

Medals: Level 1: Random Act of Kindness! Received One Thanks!

Joined: 4/7/2015(UTC)
Posts: 6

Was thanked: 2 time(s) in 1 post(s)
Originally Posted by: Alexander Go to Quoted Post
ut? Perhaps that will give us a better idea of what's going on.


The relevant part of <configSections> from web.config
Code:

<configuration>
<configSections>
<section name="screenconnect.routing" type="ScreenConnect.RoutingConfigurationHandler, ScreenConnect.Server" />
</configSections>
<screenconnect.routing>
<listenUris>
<listenUri>tcp://192.168.0.26:80/</listenUri>
<listenUri>tcp://192.168.0.26:443/</listenUri>
</listenUris>
<rules>
<rule schemeExpression="http" actionType="issueRedirect" actionData="https://$HOST/" />
<rule schemeExpression="ssl" actionType="forwardPayload" actionData="https://192.168.0.20:8043/" />
<rule schemeExpression="relay" actionType="forwardPayload" actionData="https://localhost:8041/" />
</rules>
</screenconnect.routing>


The relevant part of <appSettings> from web.config
Code:

  <add key="WebServerListenUri" value="https://+:8043/" />
  <add key="WebServerAddressableUri" value="https://screenconnect.domain.tld/" />
  <add key="RelayListenUri" value="relay://+:8041/" />
  <add key="RelayAddressableUri" value="relay://screenconnect.domain.tld:443/" />


The relevant part of netstat -an output. There is no entry missed for 0.0.0.0:8043, it only bound to the .20 address (which is IIS). .26 is SC.
Code:

Proto	Local Address		Foreign Address	State
TCP		0.0.0.0:8041		0.0.0.0:0		LISTENING
TCP		192.168.0.20:80		0.0.0.0:0		LISTENING
TCP		192.168.0.20:443	0.0.0.0:0		LISTENING
TCP		192.168.0.20:8043	0.0.0.0:0		LISTENING
TCP		192.168.0.26:80		0.0.0.0:0		LISTENING
TCP		192.168.0.26:443	0.0.0.0:0		LISTENING
Alexander  
#42 Posted : Wednesday, October 26, 2016 5:25:00 PM(UTC)
Alexander


Rank: Administration

Medals: Level 3: Shirt off your back! Received 25 Thanks!

Joined: 7/23/2013(UTC)
Posts: 712
Man
Location: Raleigh, NC

Was thanked: 66 time(s) in 63 post(s)
The wildcard address for WebServerListenUri looks like the problem; does it work if you change that to 192.168.0.26 as well?
Otherwise, you could check the Event Viewer, under Windows Logs > Application, source "ScreenConnect Web Server", and see if there are any errors being logged there.
ScreenConnect Team
st1172  
#43 Posted : Thursday, October 27, 2016 2:24:29 AM(UTC)
st1172


Rank: Newbie

Medals: Level 1: Random Act of Kindness! Received One Thanks!

Joined: 4/7/2015(UTC)
Posts: 6

Was thanked: 2 time(s) in 1 post(s)
Originally Posted by: Alexander Go to Quoted Post
The wildcard address for WebServerListenUri looks like the problem; does it work if you change that to 192.168.0.26 as well?
Otherwise, you could check the Event Viewer, under Windows Logs > Application, source "ScreenConnect Web Server", and see if there are any errors being logged there.


I changed web.config as you suggested:
Code:

<add key="WebServerListenUri" value="https://192.168.0.26:8043/" />


The result is the web server fails to start. Below is the interactive output from the service. The Windows event log contains the same error for the ScreenConnect Web Server.
Code:

ScreenConnect Session Manager Information: Starting service...
ScreenConnect Session Manager Information: Successfully started service.
ScreenConnect Relay Information: Starting service...
ScreenConnect Relay Information: Successfully started service.
ScreenConnect Web Server Information: Starting service...
ScreenConnect Web Server Error: Failed to start service: System.Net.HttpListenerException (0x80004005): The network location cannot be reached. For information about network troubleshooting, see Windows Help
   at System.Net.HttpListener.AddAllPrefixes()
   at System.Net.HttpListener.Start()
   at ScreenConnect.WebServer.Startup()
   at ScreenConnect.WebServer.Startup()
   at ScreenConnect.AppDomainServiceBase.StartServiceInternal()
   at ScreenConnect.ServiceBaseEx.StartService()
ScreenConnect Router Information: Starting service...
ScreenConnect Router Information: Successfully started service.
Alexander  
#44 Posted : Thursday, October 27, 2016 6:13:12 PM(UTC)
Alexander


Rank: Administration

Medals: Level 3: Shirt off your back! Received 25 Thanks!

Joined: 7/23/2013(UTC)
Posts: 712
Man
Location: Raleigh, NC

Was thanked: 66 time(s) in 63 post(s)
All right, it turns out you have to use netsh (add iplisten) to properly restrict it to a single IP address; the web server uses http.sys, the same as IIS, while the router and relay don't.
If you already did that for IIS, that's probably restricting the web server to .20 as well. So it might just be a question of deleting that.

Another thing that could be helpful to get more information is netstat -ano, which shows the process ids; IIS and web server will be 4 (system process) and router/relay will be different.
ScreenConnect Team
st1172  
#45 Posted : Thursday, October 27, 2016 6:20:54 PM(UTC)
st1172


Rank: Newbie

Medals: Level 1: Random Act of Kindness! Received One Thanks!

Joined: 4/7/2015(UTC)
Posts: 6

Was thanked: 2 time(s) in 1 post(s)
Originally Posted by: Alexander Go to Quoted Post
All right, it turns out you have to use netsh (add iplisten) to properly restrict it to a single IP address; the web server uses http.sys, the same as IIS, while the router and relay don't.
If you already did that for IIS, that's probably restricting the web server to .20 as well. So it might just be a question of deleting that.

Another thing that could be helpful to get more information is netstat -ano, which shows the process ids; IIS and web server will be 4 (system process) and router/relay will be different.


I had to add a listen address with netsh to keep IIS from binding all NICs on ports 80 and 443.
Alexander  
#46 Posted : Thursday, October 27, 2016 9:14:49 PM(UTC)
Alexander


Rank: Administration

Medals: Level 3: Shirt off your back! Received 25 Thanks!

Joined: 7/23/2013(UTC)
Posts: 712
Man
Location: Raleigh, NC

Was thanked: 66 time(s) in 63 post(s)
Oh yeah, it's not per-port… I guess it would defeat the purpose to add .26 as a listen address, so perhaps add a third one for the web server?
ScreenConnect Team
syn-jmicallef  
#47 Posted : Sunday, October 30, 2016 10:44:50 PM(UTC)
syn-jmicallef


Rank: Guest

Joined: 10/30/2016(UTC)
Posts: 3
Australia
Location: Australia

So I attempted to make this change over the weekend (this worked fine in my test environment on-prem server) but didn't work for our production with 600+ sessions. We are running 6.0.11622.6115.

The routing service seemed to work well (with trace logging enabled I could see it forwarding) but the web server service either returned 500 Internal server error and then after around 15 minutes a Server too busy error. We are running the latest 6.0 Here is our config (the configSection went right to the top otherwise services wouldn't start);

Our existing ports are 443 for the web server and port 80 for the relay (these then change to 8043 and 8041 respectively with the routing config changes).

Code:
<configSections>
   <section name="screenconnect.routing" type="ScreenConnect.RoutingConfigurationHandler, ScreenConnect.Server" />
 </configSections>
 <screenconnect.routing>
  <listenUris>
   <listenUri>tcp://+:80/</listenUri>
   <listenUri>tcp://+:443/</listenUri>
  </listenUris>
  <rules>
   <rule schemeExpression="http" actionType="issueRedirect" actionData="https://$HOST/" />
   <rule schemeExpression="ssl" actionType="forwardPayload" actionData="https://10.51.4.xxx:8043/" />
   <rule schemeExpression="relay" actionType="forwardPayload" actionData="https://10.51.4.xxx:8041/" />
 </rules>
 </screenconnect.routing>
...
  <add key="WebServerListenUri" value="https://+:8043/" />
  <add key="WebServerAddressableUri" value="https://connect.tld.com.au/" />
  <add key="RelayListenUri" value="relay://+:8041/" />
  <add key="RelayAddressableUri" value="relay://connect.tld.com.au:443/" />


With Trace logging on the web server I could see it returning 500 Internal server errors. Netstat showed right ports being utilised. Any ideas? Thanks.
Alexander  
#48 Posted : Monday, October 31, 2016 3:17:43 PM(UTC)
Alexander


Rank: Administration

Medals: Level 3: Shirt off your back! Received 25 Thanks!

Joined: 7/23/2013(UTC)
Posts: 712
Man
Location: Raleigh, NC

Was thanked: 66 time(s) in 63 post(s)
You're forwarding to the external IP, so it's probably getting blocked by a firewall or something; try using "localhost" rather than "10.51.4.xxx".
(Edit: I was mistaken, it is an internal IP)

You can also add <customErrors mode="Off"/> in <system.web> to see what the actual internal server error is.

Edited by user Monday, November 7, 2016 5:33:14 PM(UTC)  | Reason: Not specified

ScreenConnect Team
syn-jmicallef  
#49 Posted : Monday, November 7, 2016 10:28:45 AM(UTC)
syn-jmicallef


Rank: Guest

Joined: 10/30/2016(UTC)
Posts: 3
Australia
Location: Australia

Hi Alexander, I've tried some more tonight on getting this going. Setting localhost or 10.51.4.xxx (which is the IP of the local machine) makes no difference.

Web Server Trace Log shows;
WebServer Information: 0 : [/] Got context
WebServer Information: 0 : [/] Got context
WebServer Information: 0 : [/] Got context

The Router trace log also shows as if it is working;
Router Information: 0 : Parsed original URI 'ssl://connect.tld.com.au/' out of 279 byte handshake
Router Information: 0 : Using rule to process URI: ssl://connect.tld.com.au/
Router Information: 0 : Performing action ForwardPayload 'https://10.51.4.xxx:8043/'...
Router Information: 0 : Connected to echo end point '10.51.4.xxx:8041'; starting forwarding...
Router Information: 0 : Parsed original URI 'relay://connect.tld.com.au/' out of 348 byte handshake
Router Information: 0 : Using rule to process URI: relay://connect.tld.com.au/
Router Information: 0 : Performing action ForwardPayload 'https://10.51.4.xxx:8041/'...
Router Information: 0 : Connected to echo end point '10.51.4.xxx:8041'; starting forwarding...
Router Information: 0 : Parsed original URI 'relay://connect.tld.com.au/' out of 348 byte handshake
Router Information: 0 : Using rule to process URI: relay://connect.tld.com.au/
Router Information: 0 : Performing action ForwardPayload 'https://10.51.4.xxx:8041/'...
Router Information: 0 : Connected to echo end point '10.51.4.xxx:8043'; starting forwarding...
Router Information: 0 : Connected to echo end point '10.51.4.xxx:8041'; starting forwarding...

But it seems like the web server is just stuck and doesn't want to complete requests. Web Browser both IE and Firefox simply keep cycling trying to hit the page.

So far I have been unable to get it to give me a 500 response but have added in the customErrors tag.
Alexander  
#50 Posted : Monday, November 7, 2016 5:29:16 PM(UTC)
Alexander


Rank: Administration

Medals: Level 3: Shirt off your back! Received 25 Thanks!

Joined: 7/23/2013(UTC)
Posts: 712
Man
Location: Raleigh, NC

Was thanked: 66 time(s) in 63 post(s)
Can you access https://10.51.4.xxx:8043/ directly?
ScreenConnect Team
Users browsing this topic
2 Pages12>
Forum Jump  
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.