Jump to content

"Connection failed" message even though can ping FM Server successfully


This topic is 1499 days old. Please don't post here. Open a new topic instead.

Recommended Posts

  • Newbies

I'm having huge difficulty getting FileMaker Server 17 to work. The server operating system is Windows Server 2016. The client PC is Windows 10. The software installs OK but when I use FM Pro 17 client to connect remotely, I can't connect. I see the server under "Local Hosts" but when I click on the host name, after a minute or so I just get the message "connection failed". 

A ping to the host local IP address is successful so there is definitely a local area network connection. 

There is a Sophos hardware Firewall in place and I thought this was the culprit. But when I disconnect it, it made no difference. 

Ports required to be open for LAN connectivity from Pro to Server are, unless I am mistaken, 80, 443 and 5003. When the Firewall is put back in, I know I will need these ports to be open. But as I say, even without, there is only a "failed connection" message. 

If it pings OK, what could be the problem? This is very very urgent so any help very much appreciated.

Regards

Nick

Link to comment
Share on other sites

  • 8 months later...
  • 3 months later...

Me too, for 1 - one Catalina w/FileMaker 18 Pro attempting to connect to FileMaker 16 Server, however other machines with the same configuration on the same LAN does not have this issue.

I have tried ssh, VNC WebD, CWP, and xDBC all connect just fine, however Filemaker Pro connections do not connect.

How do you people debug this scenario? I'm able to telnet to the tcp port 5003, however there is no udp 5003 active on the server; at least not from the perspective of this workstation.

Messages Image(541912435).png

Edited by ggt667
Added screenshot.
Link to comment
Share on other sites

479150399_MessagesImage(2737765552).png.046c2e3e4c8991930144513fff28310c.png

This is client specific as this client can not connect to other FileMaker servers.

Edited by ggt667
Link to comment
Share on other sites

I have installed FileMaker 16, 17, and 18 Pro on this client. All have the same issue, I have also tried switching the system firewall on and off, and giving privs to all 3 FileMaker versions while on.

From this particular client

$ sudo nmap -sU fm.server.lan -p5003
Starting Nmap 7.80 ( https://nmap.org ) at 2019-12-12 16:04 CET
Nmap scan report for 10.10.10.11
Host is up (0.00089s latency).

PORT     STATE         SERVICE
5003/udp closed filemaker

Nmap done: 1 IP address (1 host up) scanned in 0.31 seconds

 From any other client

$ sudo nmap -sU fm.server.lan -p5003
Starting Nmap 7.80 ( https://nmap.org ) at 2019-12-12 16:04 CET
Nmap scan report for 10.10.10.11
Host is up (0.00089s latency).

PORT     STATE         SERVICE
5003/udp open|filtered filemaker

Nmap done: 1 IP address (1 host up) scanned in 0.33 seconds

 

Edited by ggt667
Link to comment
Share on other sites

Connect a known working client to the same network port and test. If that works, it must be something on the client. If the hardware on the known working client is similar, you could even swap harddisks so that you use the same mac address/computer. It is possible a  switch causes issues, either with stored mac info, or with a layer 3 rule (if its a layer 3 switch).

Link to comment
Share on other sites

8 hours ago, OlgerDiekstra said:

Connect a known working client to the same network port and test. 

From any other client ^^

8 hours ago, OlgerDiekstra said:

It is possible a  switch causes issues, either with stored mac info, or with a layer 3 rule (if its a layer 3 switch).

I'll start investigating this as it'is about the only thing I have not checked.

I assume removing the power cord of the switch for 10 seconds should clear any cache? The layer 3 stuff I have to log in to the switch to find out, no?

Edited by ggt667
Link to comment
Share on other sites

  • Newbies
18 minutes ago, ggt667 said:

From any other client ^^

I'll start investigating this as it'is about the only thing I have not checked.

I assume removing the power cord of the switch for 10 seconds should clear any cache? The layer 3 stuff I have to log in to the switch to find out, no?

Hello, I have a user with exactly the same issue today on Filemaker 16. He just had installed FM16 on his computer, can see the local server with "Bonjour", but can't connect "connection Failed" , Same with IP address or external IP address.

Other users on the same Network work fine, my computer on another networtk can access with external ip as well ...

He can ping port 5003 with success, he is administrator on his computer ...

He can access all network services (AFP, SMB, HTTP, mail …) , we checked he doesn't has any firewall, his IP is DHCP served as other computer and we checked the Ip address he obtained...

I 'll try to see if his Time is correctly set, may be it could be an authentication issue ??

 

if someone has an idea, it would be welcome

  

Link to comment
Share on other sites

1 hour ago, mandrivak said:

I 'll try to see if his Time is correctly set, may be it could be an authentication issue ??

  

 

It wouldn't be an authentication issue unless you have FMS configured to use 'file list filtering' where it would first ask for credentials and only then show a list of files that the user has an account in.  That's not the default setting though.

And even then, if the authentication through SSO failed (if you are using EA and SSO is possible in your setup) then FM would still show a login dialog and not the "connection failed".  So this is either something on this user's computer (like the corrupted pems) or a networking issue.

The usual troubleshooting involves:

1) can the user log into another machine and try from there?

2) if you create a new OS account on the rogue machine, does it work from that account?

Link to comment
Share on other sites

16 minutes ago, Wim Decorte said:

 

It wouldn't be an authentication issue unless you have FMS configured to use 'file list filtering' where it would first ask for credentials and only then show a list of files that the user has an account in.  That's not the default setting though.

And even then, if the authentication through SSO failed (if you are using EA and SSO is possible in your setup) then FM would still show a login dialog and not the "connection failed".  So this is either something on this user's computer (like the corrupted pems) or a networking issue.

The usual troubleshooting involves:

1) can the user log into another machine and try from there?

2) if you create a new OS account on the rogue machine, does it work from that account?

1) Yes

2) How many accounts do you see purposeful to try? I tried 3 new ones this far.

Edited by ggt667
Link to comment
Share on other sites

On #2: just one account would do.  If it doesn't work with a brand new account it would indicate that it is not something in the user's profile.  Could still be something in the FMP installation; have you tried diffing the installed files vs the ones on a machine where it is working?

Other thing to try: move the machine to a different place in the network to rule out anything network-equipment related; switch from wifi to ethernet or vice versa depending on what is being used now.  If both are active, disable one,...

Link to comment
Share on other sites

Have you tried comparing packet captures with a working machine? That will tell you whether the faulty system is even trying to communicate with the server. Ideally you'd do this on the switch, but that depends what switch you have. Alternatively, run packet captures on both local machines (on a working one and on the broken one).

2 hours ago, ggt667 said:

From any other client ^^

I'll start investigating this as it'is about the only thing I have not checked.

I assume removing the power cord of the switch for 10 seconds should clear any cache? The layer 3 stuff I have to log in to the switch to find out, no?

Probably the easiest way to check this would be to simply move the computer to another port, or better still, another switch. Having said that, it all depends on how the switches or switch stack is configured. Layer 3 switches add another layer of complexity. There are also switches that can be configured to dynamically manage perceived threats. In such a case, a power down won't help much. It all depends on what brand/model switch you have.

Link to comment
Share on other sites

  • Newbies

System Configuration
MacBook Pro 15" Retina (2014)
CPU2.8 GHz Intel Core i7
RAM16 GB 1600 MHz DDR3
GPUIntel Iris Pro 1536 MB
OSOSX Mojave 10.14.6

FileMaker
FileMaker Pro Advanced 18.0.3.317

Issue Description/Details
I just want to jump in since this is the first active thread I've found on the topic. I am experiencing this issue and it is not isolated to one server. When selecting any host the 'Connection Failed' message is displayed immediately. I can connect to the same hosts using FMPA16/17 from the same machine.

I have experienced this issue previously when I installed both FMPA16 and FMPA17 and the resolution was unusual. I recall it being similar to adding an incompatible app to have accessibility access however despite confirming that no version of FMPA is in my accessibility list, I have tested this as a possible resolution.

Troubleshooting Performed
I have done a clean install with the most recent version of FMPA18 and it was a more up-to-date version; making it three versions where the issue persists.
The issue was also present in OSX High Sierra.
The rules in the firewall are identical for FMPA17/18 and the issue persists with the firewall disabled.
No third-party security software is in use.
Allowed FMPA18 to control the computer through 'Accessibility' in the 'Security & Privacy' settings.

Additional Information/Questions
Due to the issue being isolated to FMPA18 on a specific machine and previous experience I can rule out most of the usual suspects ie: server and network configuration.
Is anyone else experiencing the issue using a case-sensitive filesystem? I have had a wide variety of issues with applications that do not check if the filesystem is case-sensitive where the application is not designed to run on a case-sensitive filesystem. I doubt this is the case since this has happened with prior versions but I'm hoping for a common denominator that could be at the root of the issue at hand.

Link to comment
Share on other sites

  • Newbies

Found a Resolution

It would be immediately after I post regarding the issue that I stumble upon a resolution. I would like to apologize in advance if it is possible to update an existing post. It could be that I am new to the forums and unfamiliar with the interface or it could be that my previous post is awaiting moderator approval.

 The Problem
The following FileMaker local certificates are missing from the FileMaker application support directory.

certifiedroot.pem
root.pem
server.pem

 The Resolution 
Copy the local certificates from a working installation of FileMaker Pro Advanced to the equivalent directory for the installation that cannot connect.


This resolution requires that the files can be obtained from one of the following sources, using the same license:
A working installation of a previous version of FileMaker Pro Advanced on the same system.

A working installation of FileMaker Pro Advanced on another system.

The required certificates can be found at the following paths:

OSX
/Users/<USERNAME>/Library/Application Support/FileMaker/FileMaker Pro Advanced/18.0

Windows
C:\Users\<USERNAME>\AppData\Local\FileMaker\FileMaker Pro Advanced\18.0

 

Filesystem Question/Update
In regards to my filesystem question from my previous post; this could be caused by a filesystem mis-match if the installer is looking for Server.pem and the package contains server.pem or vice versa. If anyone else experiencing this issue could please reply to this thread regarding their filesystem it would be much appreciated. If you are unsure, the filesystem can be viewed from 'Disk Utility':
0dac2c54b8d46e4f23c2ee2a74acc5db-full.pn
 

Link to comment
Share on other sites

  • 2 months later...

Same thing happened to me on just one machine and simply copying the certificates over didn't fix the problem as FileMaker repeatedly overwrote root.pem with its own incomplete copy. Broken root.pem only contains a single certificate which belongs to FileMaker. Working root.pem contains a lot more certificates belonging to certification authorities. certifiedroot.pem will be completely missing as well.

The band-aid fix is a bit unwieldy but it works.

save a copy of root.pem and certifiedroot.pem from a working installation or attached to this post to Downloads folder, then open a terminal and issue the following commands

chmod u+x ~/Library/Application\ Support/FileMaker/FileMaker\ Pro\ Advanced/18.0/
cat ~/Downloads/root.pem > ~/Library/Application\ Support/FileMaker/FileMaker\ Pro\ Advanced/18.0/root.pem
cat ~/Downloads/certifiedroot.pem > ~/Library/Application\ Support/FileMaker/FileMaker\ Pro\ Advanced/18.0/certifiedroot.pem
chflags uchg ~/Library/Application\ Support/FileMaker/FileMaker\ Pro\ Advanced/18.0/root.pem

The cert problem has been with FM for ages, apparently. A similar problem occured in version 9 and 11. Why it had to re-appear now is anyone's guess.

certifiedroot.pem root.pem

  • Like 1
Link to comment
Share on other sites

This topic is 1499 days old. Please don't post here. Open a new topic instead.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.