CentOS Stream 9 443 client request fail port 80 works (Firefox)

ccroasmun

New Member
Joined
Dec 14, 2022
Messages
2
Reaction score
0
Credits
38
Know nothing about Linux, having to set a box up for a consultant. Installed CentOS Stream 9 as a virtual on HyperV 2019 Enterprise. Traffic seems to route everywhere testing with Ping. Both curl and Firefox to the Internet fail on 443, but 80 works. Firewall is Fortigate. Inside the firewall both 80 and 443 work. Can get to Sharepoint boxes using 443 on Firefox in remote networks being routed through SSL tunnels on the same Fortigate firewall... But cannot browse https://www.google.com; can browse http://portquiz.net, http://portquiz.net:8080, 8443, 9000, any port, just 443 doesn't work on the Internet.

These guys need to connect this box to Azure storage using 443, so I'm screwed, never seen such a thing... crazy.

Any help would be appreciated, these guys are moving our ERP so this is high priority and I haven't a clue... Also shut down firewalld, still no traffic inbound from Internet request... I see the outbound traffic flowing through the firewall.
 


wizardfromoz

Administrator
Staff member
Gold Supporter
Joined
Apr 30, 2017
Messages
8,957
Reaction score
7,928
Credits
37,761
Moved to Red Hat subforum.

Good luck and welcome

Chris Turner
wizardfromoz
 

f33dm3bits

Gold Member
Gold Supporter
Joined
Dec 11, 2019
Messages
6,259
Reaction score
4,732
Credits
45,987
Default RHEL/CentOS installations don't block any outgoing traffic. If you stopped firewalld and the problem is still there, then the problem isn't the CentOS Stream 9 installation but elsewhere.
 

f33dm3bits

Code:
[tux@localhost ~]$ cat /etc/redhat-release
CentOS Stream release 9
[tux@localhost ~]$ curl -I https://www.google.com
HTTP/2 200

Maybe try running a tracepath or traceroute and compare 80 vs 443?

Code:
tracepath -p 80 www.google.com
traceroute -p 80 www.google.com
tracepath -p 443 www.google.com
traceroute -p 443 www.google.com

I don't know HyperV, but I know on Proxmox you can enable firewalling per VM; maybe something on the HyperV side is blocking something? Or an old Fortigate firewall rule is still active for the IP that the CentOS Stream 9 system is using. I've run across firewall problems where I got an IP for a new system but some old firewall rule was still active for that IP and something was getting blocked.
 

ccroasmun

I understand... crazy. Here are the curl results: 80 to the Internet works, 443 to a remote site through a tunnel on the same firewall works, 443 to the Internet does not work. Same results with the browser also. The last curl to https://www.google.com I had to escape out of because it locks up, returning no results.

401 UNAUTHORIZED[root@AshVM-LinuxProxy ~]# curl -i http://portquiz.net/
HTTP/1.1 200 OK
Date: Wed, 14 Dec 2022 09:52:42 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 44
Connection: close
Content-Type: text/html; charset=UTF-8

Port test successful!
Your IP: 71.66.16.210
[root@AshVM-LinuxProxy ~]# curl -i https://ciintranet.colind.com
HTTP/2 401
content-type: text/plain; charset=utf-8
server: Microsoft-IIS/10.0
sprequestduration: 2
spiislatency: 0
www-authenticate: NTLM
x-powered-by: ASP.NET
microsoftsharepointteamservices: 16.0.0.10366
x-content-type-options: nosniff
x-ms-invokeapp: 1; RequireReadOnly
date: Wed, 14 Dec 2022 09:52:48 GMT
content-length: 16

401 UNAUTHORIZED[root@AshVM-LinuxProxy ~]# curl -i https://www.google.com
^C

Cannot repo, proxy here says none, changed it from localhost 6588 in /etc/yum.conf which seems to have screwed up other things. The fresh install had the same functionality but below in the error it said proxy: https://localhost:6588

No proxy in network settings, no proxy in browser, unsure why by default it was trying to proxy locally through 6588, that is AnalogX Proxy


Failed to search for file: cannot update repo 'extras-common': Cannot prepare internal mirrorlist: Curl error (5): Couldn't resolve proxy name for https://mirrors.centos.org/metalink...mmon-9-stream&arch=x86_64&protocol=https,http [Could not resolve proxy: none];
 

f33dm3bits

Again, if you are using a default installation of CentOS Stream 9, the problem is elsewhere.
When you open a terminal, what's the output of the following commands?

Code:
echo $http_proxy
echo $https_proxy

What happens when you try to update the system or try to install a package?

Code:
yum install lftp
yum update
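
A read-only check for the proxy questions raised in this thread, added here as an example and not posted by any participant: it lists the proxy environment variables and the `proxy=` lines in dnf/yum config files, and flags loopback values such as `https://localhost:6588` and scheme-less values such as `none`. The function names and the sample config are constructed for this example.

```shell
#!/bin/sh
# Added example: list every proxy setting curl and dnf/yum would pick up.

# Print "source<TAB>value" for proxy env vars and for proxy= lines in the
# config files given as arguments (e.g. /etc/dnf/dnf.conf /etc/yum.conf).
list_proxy_settings() {
    for var in http_proxy https_proxy all_proxy HTTP_PROXY HTTPS_PROXY ALL_PROXY; do
        eval "val=\${$var:-}"
        if [ -n "$val" ]; then printf 'env:%s\t%s\n' "$var" "$val"; fi
    done
    for file in "$@"; do
        [ -r "$file" ] || continue
        # Matches "proxy = value" only; comments and proxy_username are skipped.
        sed -n 's/^[[:space:]]*proxy[[:space:]]*=[[:space:]]*//p' "$file" |
        while read -r val; do
            if [ -n "$val" ]; then printf '%s\t%s\n' "$file" "$val"; fi
        done
    done
    return 0
}

# Classify one value: loopback proxy, scheme://host form, or no scheme at all.
classify_proxy() {
    case "$1" in
        *://localhost|*://localhost[:/]*|*://127.*|*://\[::1\]*) echo loopback ;;
        *://?*) echo ok ;;
        *) echo no-scheme ;;
    esac
}

# Print "source<TAB>value<TAB>verdict" for every setting found.
audit_proxies() {
    tab=$(printf '\t')
    list_proxy_settings "$@" | while IFS="$tab" read -r src val; do
        printf '%s\t%s\t%s\n' "$src" "$val" "$(classify_proxy "$val")"
    done
}

# Constructed sample mirroring the thread: proxy= changed to the word "none".
sample=$(mktemp)
printf '[main]\ngpgcheck=1\nproxy = none\n' > "$sample"
audit_proxies "$sample" /etc/dnf/dnf.conf /etc/yum.conf
rm -f "$sample"
```

A `loopback` verdict means requests are handed to a proxy on the machine itself, so nothing leaves the host unless a process is listening on that port.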
 