Connecting to work machine

Rather than pester the very helpful Scott Chamberlain in the comments to this question, I'm moving my issue here.

I'm developing a web app on my work computer (Windows 7), and I've gotten a bug report complaining of bad behavior on the Mac version of Firefox. We don't have a Mac in-house, so I brought in my personal laptop. The trouble is, I can't get it to connect to my work machine.

Both machines are on the local wi-fi network. The work machine has access to a VPN that my personal laptop does not. Any time I try to access 192.168.1.4:8080 (the IPv4 address assigned by the wireless network) from my personal machine's browser, I get nothing. I also get nothing when I ping 192.168.1.4.

My first thought was that it's a firewall issue; I don't have the permissions necessary to simply disable it. I've tried poking holes via "Windows Firewall with Advanced Security" (allow incoming access on port 8080, allow incoming access for all programs), but it doesn't seem to be doing anything.

It also occurred to me that my work machine might be invisible on the network. I've tried turning on file sharing and network discovery via "Advanced sharing settings", but that hasn't worked either.

I'm still poking around with rsop.msc as Scott recommended in my other question, but as I've never used the tool before, I'm not completely certain of what I'm looking for. I'm hoping something will jump out at me as I keep digging.

In the meanwhile, what other approaches would people recommend?

Edit: In response to the comments, I double-checked to confirm the Mac is on the same network. It is; it has an IP address of 192.168.1.7, and I can ping it from the work machine.

Edit 2: I suspect that, unless I can track down a sysadmin willing to relax the settings on my machine, I'm simply screwed.

I presumed that, since they're on the same network, the Mac would subject to the "Domain Profile," but more research tells me it's more likely under the purview of "Private Profile." Is that a reasonable conclusion?

The difference is that the Domain overview says "Inbound connections that do not match a rule are blocked", whereas the Private overview says "All inbound connections are blocked". If I'm interpreting this correctly, then any holes I try to poke in the firewall are useless, since they run afoul of this higher-level rule. This would explain the behavior I'm seeing; I can see the Mac from the Windows machine but not vice-versa.

If anybody has any insights that confirm or refute this theory, I'd love to hear them. In the meanwhile, I'm sending "Could I please speak with a sysadmin?" messages to the helpdesk.

windows-7

BlairHippo

Posted 2013-02-08T19:14:24.097

Reputation: 193

Port 8080 is often used for proxies. Are there any proxy settings you need to add to your Mac? – techturtle – 2013-02-08T19:21:18.080

@techturtle: Under Network -> Proxies, I'm not seeing any proxy settings defined. – BlairHippo – 2013-02-08T19:25:20.157

Is this VPN connection active at your work machine while you are trying to reach it and what tool is used to establish the VPN? – Serge – 2013-02-08T19:42:28.817

I've tried reaching it with the VPN on and off; doesn't seem to make a difference. I'm using Cisco Systems VPN Client Version 5.0.07.0440. – BlairHippo – 2013-02-08T19:44:08.887

2Then this is strange indeed. – Serge – 2013-02-08T21:01:00.453

@Serge: Glad to know I'm not simply insane/incompetent. :-) – BlairHippo – 2013-02-08T21:04:27.757

Please post the IP address of the Mac when at the office and that of your PC when it's not on VPN. If the Mac isn't part of the network then there is no point even in pinging. – harrymc – 2013-02-12T18:42:46.720

@harrymc: The work machine is 192.168.1.4, the Mac is 192.168.1.7. I can ping the Mac from the work machine, but not vice-versa. – BlairHippo – 2013-02-12T18:49:05.773

In which port is your web-application running? 8080? Can you run the application on some other port? Some other ports might be open. – Kride – 2013-02-15T13:31:12.743

Answers

I'd contact your systems administrator at your work and see if they already have something for this occasion. This also keeps things above board and within your corporate security and policies for access.

mdpc

Posted 2013-02-08T19:14:24.097

Reputation: 4 176

Trying; I'm going through the help desk. Thus far, the responses have boiled down to "Yeah, that should be working!" I'm not looking for sneaky hacks here, I just want to figure out why it isn't working. :-) – BlairHippo – 2013-02-08T20:42:09.503

Of course, it doesn't help that I'm at a very remote, very small office; I can't track down the sysadmin at his/her cubicle and beg for assistance. I asked my supervisor for help, only to be told that he couldn't get anything like that working, either -- and if I figure it out, I need to share. – BlairHippo – 2013-02-08T20:44:26.817

1Well at least you have protected yourself. I've seen such things result in abrupt termination and I'd hate for that to happen for you. – mdpc – 2013-02-08T20:45:46.080

Yup yup. I asked my boss for permission before I even brought my personal machine through the door. I'd hate for that to happen to me, too. – BlairHippo – 2013-02-08T20:48:35.013

Unsatisfying though it is, given than IT is being glacially slow helping out, I'm pretty sure this is the correct answer. I simply don't have the permissions I need to punch holes in the firewall that my Mac can use. – BlairHippo – 2013-02-20T13:30:43.217

I don't understand the 8080 port : WiFi doesn't assign ports, only IP address.

One idea: If the VPN permits it, you could maybe Share the Internet Through an Ethernet Cable From Your PC to Your Mac. This way you create your own network which is not under the control of your network administrator.

Turn off any firewall on the Mac just in case.

harrymc

Posted 2013-02-08T19:14:24.097

Reputation: 306 093

The 8080 port is configured by the glassfish server; when I access 8080, I'm using Firefox, not ping. And it looks like the Mac firewall is already turned off. – BlairHippo – 2013-02-12T20:08:01.947

Let me know if the Ethernet idea is workable in your setup. – harrymc – 2013-02-13T08:41:58.327

The direct Ethernet cable doesn't seem to be doing anything. On Windows, I see an "Unidentified network" show up on the Network and Sharing Center, but I still can't ping the Windows box from the Mac, nor can I access it via HTTP. Is there something I need to configure on the Windows side? – BlairHippo – 2013-02-13T15:37:09.593

The article above was supposed to tell how. – harrymc – 2013-02-13T18:24:17.517

Obviously there are only two possible issues here:

Your Windows 7 PC has it's firewall turned on (very likely) and you will need to allow the port through the Windows firewall
Your Application Server could be bound to localhost or 127.0.0.1 only and in this case you'll need to change it to listen to 0.0.0.0

You can verify (2) by either

test if 192.168.1.4:8080 responds on your work machine (sometimes it's a habit to just use localhost:8080)
much better: open a command prompt (Win+R, type cmd) and run netstat -nap TCP - you should see at least one line where under "Local Address" you have "something:8080" and under "State" "LISTENING" - if something is not 0.0.0.0 or 192.168.1.4, then the IP binding is your primary problem.

P.S.: Under Windows, repsones to ICMP packets are by default turned off, so your ping from the Mac won't work even with the firewall turned off. The fact that you can ping the other way means that it's not a network issue at all.

Stefan Seidel

Posted 2013-02-08T19:14:24.097

Reputation: 8 812