UI3 refusing connections from specific IP addresses in my network

[Shark92651]

About a week ago I restarted the smart switches in my network after performing a firmware upgrade. Since then, we cannot access the UI3 webpage from specific computers in the office. These are computers that monitored the cameras prior with no issues. I can't find any rhyme or reason to it. There have been no changes to firewall or anything like that on either the client computers or the server. For example my CFO cannot open the page from her PC in the office, but can access it over VPN from home without issue. All these computers can ping the server and get a reply and an NMap scan reveals that port 81 is open, but connection is refused. All are running Windows 10 and Google Chrome. The error in Chrome is "This site can't be reached <ip address> refused to connect" Any ideas what to check or change?

 

[looney2ns]

Carefully check the webserver settings in BI.
Did you have Vlans setup?

 

[Shark92651]

We have no Vlans setup at this time. Nothing has changed on the Web Server settings that I can tell. The IP and Port are correct. What is really odd is that one of my managers who is having this issue says that when he logs onto his PC with HIS windows domain login, the cameras will not connect. Someone else then logged into their profile on the same PC, and they were able to connect and view the cameras. It's all very weird.

 

[looney2ns]

Clear the browser cache?

 

[mikeynags]

We have no Vlans setup at this time. Nothing has changed on the Web Server settings that I can tell. The IP and Port are correct. What is really odd is that one of my managers who is having this issue says that when he logs onto his PC with HIS windows domain login, the cameras will not connect. Someone else then logged into their profile on the same PC, and they were able to connect and view the cameras. It's all very weird.

Any chance your user fat-fingered their password enough times to trip the auto-ban? That's assuming you have it enabled under advanced web server settings:

 

[Pdlnfool]

Hi Shark,
I seem to have a similar problem. I cannot access the UI3 from other computers on my local wired network or OpenVPN, but was able to several weeks ago. At that time, I was setting up remote access and got web access via OpenVPN working on my Android. I have not tried to access since then and today am unable to access the UI3. If I remember correctly, I upgraded BI after getting remote access working.
May I ask what BI version you are running? I am on 5.3.3.11 Could the issues have started after an upgrade?
Thanks,
Chris

 

[Shark92651]

Any chance your user fat-fingered their password enough times to trip the auto-ban? That's assuming you have it enabled under advanced web server settings:

View attachment 73829

I turned those features off just to be sure, but same issue.

 

[Shark92651]

Hi Shark,
I seem to have a similar problem. I cannot access the UI3 from other computers on my local wired network or OpenVPN, but was able to several weeks ago. At that time, I was setting up remote access and got web access via OpenVPN working on my Android. I have not tried to access since then and today am unable to access the UI3. If I remember correctly, I upgraded BI after getting remote access working.
May I ask what BI version you are running? I am on 5.3.3.11 Could the issues have started after an upgrade?
Thanks,
Chris

I am running 5.3.3.9 x64

Have you tried toggling the service off and on? That works for me at times, but not always.

 

[sebastiantombs]

How about rolling back to 5.3.2.11, the latest stable version?

 

[Pdlnfool]

I tried rolling back to 5.3.2.11, but no joy for me.

 

[looney2ns]

Check Windows defender firewall rules.

 

[Shark92651]

So far I still haven't found any rhyme or reason to it. All the office PCs have the same firewall rules and nothing has changed on either the clients or the server, yet it refused to connect to some clients.

 

[Pdlnfool]

My issue ended up being a vLAN on my machine. The web server automatically populates the "Local, internal LAN access" IP address. For some reason it was picking the vLAN address (127.x.x.x) instead of my router LAN address (192.168.x.x).

 

[Shark92651]

I think I found a fix for my issues. It seems a corrupted ARP cache on the server was causing my problems. I ran ARP -d on an elevated command prompt and all PC that could not connect can now connect. This was also affecting RDP to the server, and now that issue is resolved as well.