Jump to content
Vodia PBX forum
ndemou

No access to WebUI after upgrading to 63.0

Recommended Posts

Had no problem in test server but after upgrading our production system to 63.0 we lost access to the web interface! Tried from various IPs, from same LAN and from localhost with no success.

Ports 8080 and 443 are open and LISTENing, we get connected but then the pbxctrl gives zero bytes back. I'm providing the ouput of tests from localhost with wget and openssl below.

Please help as soon as possible.
 

wget -vvvv http://localhost:8080/
--2019-05-24 13:40:19--  http://localhost:8080/
Resolving localhost (localhost)... ::1, ::1, 127.0.0.1
Connecting to localhost (localhost)|::1|:8080... connected.
HTTP request sent, awaiting response... No data received.
Retrying.

[...same error again and again...]

wget -vvvv https://localhost
--2019-05-24 13:28:21--  https://localhost/
Resolving localhost (localhost)... ::1, ::1, 127.0.0.1
Connecting to localhost (localhost)|::1|:443... connected.
Unable to establish SSL connection.

openssl s_client -debug -host  localhost -port 443                                                                                                                                                                                   
CONNECTED(00000003)
write to 0x21d3500 [0x21d3580] (289 bytes => 289 (0x121))
0000 - 16 03 01 01 1c 01 00 01-18 03 03 58 2a 59 35 05   ...........X*Y5.
0010 - 31 9e c9 3a 58 b9 82 80-ad 03 9c ee cf 4b 2a 1a   1..:X........K*.
0020 - ed 50 8c 11 cf 2b 4a 98-bd be 24 00 00 ac c0 30   .P...+J...$....0
0030 - c0 2c c0 28 c0 24 c0 14-c0 0a 00 a5 00 a3 00 a1   .,.(.$..........
0040 - 00 9f 00 6b 00 6a 00 69-00 68 00 39 00 38 00 37   ...k.j.i.h.9.8.7
0050 - 00 36 00 88 00 87 00 86-00 85 c0 32 c0 2e c0 2a   .6.........2...*
0060 - c0 26 c0 0f c0 05 00 9d-00 3d 00 35 00 84 c0 2f   .&.......=.5.../
0070 - c0 2b c0 27 c0 23 c0 13-c0 09 00 a4 00 a2 00 a0   .+.'.#..........
0080 - 00 9e 00 67 00 40 00 3f-00 3e 00 33 00 32 00 31   ...g.@.?.>.3.2.1
0090 - 00 30 00 9a 00 99 00 98-00 97 00 45 00 44 00 43   .0.........E.D.C
00a0 - 00 42 c0 31 c0 2d c0 29-c0 25 c0 0e c0 04 00 9c   .B.1.-.).%......
00b0 - 00 3c 00 2f 00 96 00 41-c0 12 c0 08 00 16 00 13   .<./...A........
00c0 - 00 10 00 0d c0 0d c0 03-00 0a 00 07 c0 11 c0 07   ................
00d0 - c0 0c c0 02 00 05 00 04-00 ff 01 00 00 43 00 0b   .............C..
00e0 - 00 04 03 00 01 02 00 0a-00 0a 00 08 00 17 00 19   ................
00f0 - 00 18 00 16 00 23 00 00-00 0d 00 20 00 1e 06 01   .....#..... ....
0100 - 06 02 06 03 05 01 05 02-05 03 04 01 04 02 04 03   ................
0110 - 03 01 03 02 03 03 02 01-02 02 02 03 00 0f 00 01   ................
0120 - 01                                                .
read from 0x21d3500 [0x21d8ae0] (7 bytes => 0 (0x0))
140427521087376:error:140790E5:SSL routines:ssl23_write:ssl handshake failure:s23_lib.c:177:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 289 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : 0000
    Session-ID: 
    Session-ID-ctx: 
    Master-Key: 
    Key-Arg   : None
    Krb5 Principal: None
    PSK identity: None
    PSK identity hint: None
    Start Time: 1558694617
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)
---

 

Share this post


Link to post
Share on other sites

Looks to me like the PBX could not open the sockets for HTTP/HTTPS. Maybe the firewall does not like the new executable? What OS is that? Check with netstat is the ports were opened.

Share this post


Link to post
Share on other sites

OS is linux/CentOS. There is not firewall (wget ...localhost...). The ports _are_ open (notice that wget reports that it gets connected but I also verified with ss).  rawlogin has exactly the same behavior (I get connected but get zero bytes from the PBX). I rebooted (it's deep in the night here) with no success.

Share this post


Link to post
Share on other sites

Not quite fixed after all. It works for a little while then it renders pages with huge logos and unusual layout, then after trying ctrl-F5 (firefox's shortcut to *fully* reload) it stops responding. I'm seeing these lines at the logs:

[6] 20190525003418: Last message repeated 3 times
[3] 20190525003418: Current number of requests 50 has reached maximum 50, connections not accepted
[6] 20190525003418: 140 more requests pending to acme-v02.api.letsencrypt.org:443
[6] 20190525003419: Last message repeated 2 times
[3] 20190525003419: Current number of requests 50 has reached maximum 50, connections not accepted
[6] 20190525003420: 140 more requests pending to acme-v02.api.letsencrypt.org:443
[6] 20190525003422: Last message repeated 5 times
[3] 20190525003422: Current number of requests 50 has reached maximum 50, connections not accepted
[6] 20190525003422: 140 more requests pending to acme-v02.api.letsencrypt.org:443

 

Share this post


Link to post
Share on other sites

Yea... another common problem was that the previous default number of connections was just 50, which is very low. You should set that to 500 or even more (/reg_ports.htm).

image.png

As for the login we have a secondary login page "rawlogin.htm" - you are not the first with that problem!

Share this post


Link to post
Share on other sites

Thanks that was it!

I had to temporarily firewall one IP with a lot of TCP connections in order to let me connect to the webUI.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...