[Freeipa-users] ipa installation problem

Rob Crittenden rcritten at redhat.com
Tue Jun 19 14:43:42 UTC 2012 

george he wrote:
> Hello Rob,
> Can it be that the httpd service is not running properly?
> On all servers, I can only run wget on the server itself successfully...
> At least on fc15, the client was able to contact the server, but the
> connection was refused.
> maybe the configuration part of httpd?
> On other machines in the same lab, I have set up two web servers in the
> "usual" way and they both run with no problem.

I don't know what to tell you. This problem is independent of IPA. It 
means that the client doesn't know how to get to the server (no route to 
host)

Connection refused would suggest that the server isn't accepting 
connections. You could use netstat to confirm that it is listening on 
ports 80 and 443, I think you'll find it is.

IPA doesn't do anything particularly clever with the web server, just 
configures it to use mod_nss as an SSL listener. Since wget is using 
port 80 you aren't even using any changes made by IPA. And no route to 
host suggests it isn't even getting that far.

You might try shutting down iptables on the server and client and try that.

rob

> Thanks,
> George
>
>     ------------------------------------------------------------------------
>     *From:* Rob Crittenden <rcritten at redhat.com>
>     *To:* george he <george_he7 at yahoo.com>
>     *Cc:* "freeipa-users at redhat.com" <freeipa-users at redhat.com>
>     *Sent:* Tuesday, June 19, 2012 9:32 AM
>     *Subject:* Re: [Freeipa-users] ipa installation problem
>
>     george he wrote:
>      > Hello all,
>      > While waiting for more suggestions on my thread "is not an IPA v2
>      > Server", I tried to install ipa server on other machines running fc16
>      > and fc15.
>      > When server is on fc16, I get the same error as when it's on
>     fc17, wget
>      > failed: No route to host.
>      > when server is on fc15, wget still failed, but the reason was
>      > "Connection refused".
>      > Seems to me there's something else to do after running
>      > ipa-server-install on the server.
>
>     This is unrelated to IPA. We do no network configuration changes,
>     only start services.
>
>     The client is doing a simple wget which just issues an HTTP request.
>     The network stack is saying it can't talk to the IPA server so I'd
>     start there. wireshark might be helpful.
>
>     rob
>
>

More information about the Freeipa-users mailing list