Issue:
- Policy Manager Server is rejecting Policy Manager Console connections from a remote host.
- When trying to connect to Policy Manager Server running on Linux using a Windows machine, the following error is displayed: "Cannot connect to server 172.16.0.6:8080. Check that the host name and port number are correct. Port number 8080 is used by default".
- When checking netstat output on a Windows server running the Policy Manager Server, the administration module (default port 8080) is listening on Local address 127.0.0.1
Resolution:
By default WithSecure Policy Manager Server is set up to only accept connections from localhost. Follow the steps below to allow remote connections and then test the connectivity from the remote Policy Manager Console.
If Policy Manager Server is installed on a Windows OS:
- Stop the F-Secure Policy Manager Server service (use command prompt command: net stop fsms)
- Open the Windows registry editor (regedit)
- Go to: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Data Fellows\F-Secure\Management Server 5
- Edit the value of [REG_DWORD] RestrictLocalhost to 0
- Start the F-Secure Policy Manager Server service (use command prompt command: net start fsms)
- Stop the Policy Manager Server daemon (/etc/init.d/fspms stop)
- Open the file /etc/opt/f-secure/fspms/fspms.conf
- Check the line adminExtensionLocalhostRestricted value and make sure the value is set to false
- Save the file and restart the Policy Manager Server daemon (/etc/init.d/fspms restart)
/opt/f-secure/fspms/bin/fspms-config
Once Policy Manager Server service has restarted, try to login from the remote Policy Manager Console.
Article no: 000001368