<html><body><div style="color:#000; background-color:#fff; font-family:times new roman, new york, times, serif;font-size:12pt"><div><span>Hello Rob,</span></div><div><span>netstat |grep 443 returned nothing, but lsof -i :80 (or :443) returned things like this:<br></span></div><div><span>httpd 4206 apache 5u IPv6 846355 TCP *:http (LISTEN)<br>is the IPv6 here a problem?</span></div><div><span>Thanks,</span></div><div><span>George</span></div><div><br><blockquote style="border-left: 2px solid rgb(16, 16, 255); margin-left: 5px; margin-top: 5px; padding-left: 5px;"> <div style="font-family: times new roman,new york,times,serif; font-size: 12pt;"> <div style="font-family: times new roman,new york,times,serif; font-size: 12pt;"> <div dir="ltr"> <font face="Arial" size="2"> <hr size="1"> <b><span style="font-weight: bold;">From:</span></b> Rob Crittenden <rcritten@redhat.com><br>
<b><span style="font-weight: bold;">To:</span></b> george he <george_he7@yahoo.com> <br><b><span style="font-weight: bold;">Cc:</span></b> "freeipa-users@redhat.com" <freeipa-users@redhat.com> <br> <b><span style="font-weight: bold;">Sent:</span></b> Tuesday, June 19, 2012 10:43 AM<br> <b><span style="font-weight: bold;">Subject:</span></b> Re: [Freeipa-users] ipa installation problem<br> </font> </div> <br>
george he wrote:<br>> Hello Rob,<br>> Can it be that the httpd service is not running properly?<br>> On all servers, I can only run wget on the server itself successfully...<br>> At least on fc15, the client was able to contact the server, but the<br>> connection was refused.<br>> maybe the configuration part of httpd?<br>> On other machines in the same lab, I have set up two web servers in the<br>> "usual" way and they both run with no problem.<br><br>I don't know what to tell you. This problem is independent of IPA. It <br>means that the client doesn't know how to get to the server (no route to <br>host)<br><br>Connection refused would suggest that the server isn't accepting <br>connections. You could use netstat to confirm that it is listening on <br>ports 80 and 443, I think you'll find it is.<br><br>IPA doesn't do anything particularly clever with the web server, just <br>configures it to use mod_nss as an SSL listener. Since
wget is using <br>port 80 you aren't even using any changes made by IPA. And no route to <br>host suggests it isn't even getting that far.<br><br>You might try shutting down iptables on the server and client and try that.<br><br>rob<br><br>> Thanks,<br>> George<br>><br>> ------------------------------------------------------------------------<br>> *From:* Rob Crittenden <<a ymailto="mailto:rcritten@redhat.com" href="mailto:rcritten@redhat.com">rcritten@redhat.com</a>><br>> *To:* george he <<a ymailto="mailto:george_he7@yahoo.com" href="mailto:george_he7@yahoo.com">george_he7@yahoo.com</a>><br>> *Cc:* "<a ymailto="mailto:freeipa-users@redhat.com" href="mailto:freeipa-users@redhat.com">freeipa-users@redhat.com</a>" <<a ymailto="mailto:freeipa-users@redhat.com" href="mailto:freeipa-users@redhat.com">freeipa-users@redhat.com</a>><br>> *Sent:*
Tuesday, June 19, 2012 9:32 AM<br>> *Subject:* Re: [Freeipa-users] ipa installation problem<br>><br>> george he wrote:<br>> > Hello all,<br>> > While waiting for more suggestions on my thread "is not an IPA v2<br>> > Server", I tried to install ipa server on other machines running fc16<br>> > and fc15.<br>> > When server is on fc16, I get the same error as when it's on<br>> fc17, wget<br>> > failed: No route to host.<br>> > when server is on fc15, wget still failed, but the reason was<br>> > "Connection refused".<br>> > Seems to me there's something else to do after running<br>> > ipa-server-install on the server.<br>><br>>
This is unrelated to IPA. We do no network configuration changes,<br>> only start services.<br>><br>> The client is doing a simple wget which just issues an HTTP request.<br>> The network stack is saying it can't talk to the IPA server so I'd<br>> start there. wireshark might be helpful.<br>><br>> rob<br>><br>><br><br><br><br> </div> </div> </blockquote></div> </div></body></html>