AccessGateway configuration stuck on "Please enter the HTTP Port number"
Article ID: 366795
Updated On:
Products
Issue/Introduction
Run below command,
/opt/CA/secure-proxy/install_config_info/ca-sps-config.bin LAX_VM /bin/java
It starts with configuration but get stuck at HTTP PORT
"
Please enter the HTTP Port number
HTTP Port (Default: 80):
"
The netstat command shows below SYN_SENT on port 80
# netstat -anpo | grep 16166
tcp6 0 1 ::1:42222 ::1:80 SYN_SENT 16166/java on (13.90/4/0)
unix 2 [ ] STREAM CONNECTED 64069 16166/java
unix 2 [ ] STREAM CONNECTED 68656 16166/java
Environment
java version "1.8.0_401"
OS: RHEL 8.9
AG version 12.8.08.2892
Cause
Run the strace command as below, to get traces of all sub processes:
# mkdir /root/mydumps
# cd /root/mydumps
# strace -o run.dump -t -ff /opt/CA/secure-proxy/install_config_info/ca-sps-config.bin -i console > run-output.txt 2>&1
run.dump.3524
13:15:02 connect(11, {sa_family=AF_INET6, sin6_port=htons(80), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "::ffff:127.0.0.1", &sin6_addr), sin6_scope_id=0}, 28) = -1 ECONNREFUSED (Connection refused)
13:18:31 connect(11, {sa_family=AF_INET6, sin6_port=htons(443), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "::ffff:127.0.0.1", &sin6_addr), sin6_scope_id=0}, 28) = -1 ECONNREFUSED (Connection refused)
Further investigation confirms that iptables is not working as expected.
Resolution
Use firewalld instead of iptables fixes the issue.
Or workaround:
If IPv6 is not needed, then disable IPv6, and remove following line in /etc/hosts
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
Additional Information
Other possible reasons of connection refused on ipv6 address of localhost,
- IPv6 stack is not enabled on the network interface
- firewall issue
- SELinux enabled
etc.
Feedback
