AnsweredAssumed Answered

Two Machine Config throws "Forbidden You do not have authorization to access this server." when...

Question asked by JacksonVeigel on Jul 23, 2015
Latest reply on Jul 31, 2015 by TSGal

Summary

Two Machine Config throws "Forbidden You do not have authorization to access this server." when trying to access IWP page

Product

FileMaker Server

Version

11v5

Operating system version

Windows Server 2008 R2 Datacenter SP1

Description of the issue

When browsing to the IWP URL of the web server (eg. http://10.10.0.1/fmi/iwp/) in either a two machine or two machine alternative configuration the browser reports a message "Forbidden You do not have authorization to access this server." The forbidden page is being generated by FileMaker Server after looking at the source HTML. Both machines in the configuration work successfully in single machine config.

My guess is that it has something to do with the OS configuration or 3rd party software installed by the vendor who created the server but I can't nail it down.

The only 3rd party software is:
Google Chrome
AWS Tools for Windows
Citrix Tools for Virtual Machines
EC2Config Service
UniversalForwarder by Splunk Inc. (Checked the ports on this one, and they don't overlap.)

The servers are hosted at AWS and we have confirmed both machines software firewalls are off and the following TCP ports are open (bi-directionally) between the servers which are on different routers::

80
443
5003
16000
16001
16016
16018
16020
16021

-Checked a netstat -an too and the proper ports are listening/established.

-Also, the WAS service reports a warning and error in the windows system log that could be related:

Log Name:      System
Source:        Microsoft-Windows-WAS
Event ID:      5189
Level:         Error
Description:
The Windows Process Activation Service failed to generate an application pool config file for application pool 'DefaultAppPool'. The error type is '7'. To resolve this issue, please ensure that the applicationhost.config file is correct and recommit the last configuration changes made. The data field contains the error number.

Log Name:      System
Source:        Microsoft-Windows-WAS
Event ID:      5009
Task Category: None
Level:         Warning
Description:
A process serving application pool 'DefaultAppPool' terminated unexpectedly. The process id was '564'. The process exit code was '0xff'.

Steps to reproduce the problem

Go to IWP url

Expected result

See web start page with database listing

Actual result

Unable to browse to site, get 403 error.

Exact text of any error message(s) that appear

"Forbidden You do not have authorization to access this server."

Configuration information

Amazon Web Services server.
Windows 2008 R2 Datacenter SP1.
IIS 7
php 5.217
java 6 update 37
bonjour 2.0.0.34
visual C++ ver 9.0.30729

FMS Two machine alternative and two machine regular both with SSL and without.

Workaround

Single machine config

Screenshot_2015-07-21_14.43.54.png

Outcomes