ASP.NET Core
A set of technologies in the .NET Framework for building web applications and XML web services.
4,140 questions
ASP.NET Core: Unable to start Kestrel. An attempt was made to access a socket in a way forbidden by its permissions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 82%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAP%3C/text%3E%3C/svg%3E)
Abhishek Prajapati
1
Reputation point
I have an ASP.NET Core application running smoothly on IIS and suddenly it start throwing below error while running EXE.
[23:14:04 FTL] Unable to start Kestrel.
System.Net.Sockets.SocketException (10013): An attempt was made to access a socket in a way forbidden by its access permissions.
at System.Net.Sockets.Socket.UpdateStatusAfterSocketErrorAndThrowException(SocketError error, String callerName)
at System.Net.Sockets.Socket.DoBind(EndPoint endPointSnapshot, SocketAddress socketAddress)
at System.Net.Sockets.Socket.Bind(EndPoint localEP)
at Microsoft.AspNetCore.Server.Kestrel.Transport.Sockets.SocketConnectionListener.Bind()
at Microsoft.AspNetCore.Server.Kestrel.Transport.Sockets.SocketTransportFactory.BindAsync(EndPoint endpoint, CancellationToken cancellationToken)
at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServer.<>c__DisplayClass21_0`1.<<StartAsync>g__OnBind|0>d.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.BindEndpointAsync(ListenOptions endpoint, AddressBindContext context)
at Microsoft.AspNetCore.Server.Kestrel.Core.ListenOptions.BindAsync(AddressBindContext context)
at Microsoft.AspNetCore.Server.Kestrel.Core.AnyIPListenOptions.BindAsync(AddressBindContext context)
at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.AddressesStrategy.BindAsync(AddressBindContext context)
at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.BindAsync(IServerAddressesFeature addresses, KestrelServerOptions serverOptions, ILogger logger, Func`2 createBinding)
at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServer.StartAsync[TContext](IHttpApplication`1 application, CancellationToken cancellationToken)
[23:14:04 FTL] Api host terminated unexpectedly
I can see that the port this app is using is in Protocol tcp Port Exclusion Ranges. And I have tried changing port too but as soon as I change the port, new port is also added to this Protocol tcp Port Exclusion Ranges list.
I have tried below steps to fix this issue:
- Changed port
- Reboot system
- Removed port from Exclusion list but when tried to run app, it gets added again
I am not sure is it because of the latest windows security updates?
Does anyone know how to fix this issue?
Thanks,
Abhishek
{count} votes
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 98%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERN%3C/text%3E%3C/svg%3E)
Rena Ni - MSFT 2,061 Reputation points2021-07-07T02:48:10.09+00:00 Hi @Abhishek Prajapati , Did you update the windows system recently? Did you deploy and run exe successfully before? Is the port number same as run on the IIS?
-
Abhishek Prajapati 1 Reputation point
2021-07-07T02:57:32.78+00:00 Hello @Rena Ni - MSFT ,
I can see my windows(local and Azure VM) got some security updates recently. Yes, I have deployed this app on IIS on Azure VM and it is running on same port. I tried changing port in IIS website but no luck, Still getting the same result - not working. When I change port in IIS, it gets added to this exclusion list.
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(51.2, 76%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENL%3C/text%3E%3C/svg%3E)
Nicole Lu-MSFT 96 Reputation points2021-07-07T09:19:47.87+00:00 Hi @Abhishek Prajapati this comment seems conflict with what you're saying in your questions. Please give some more clarifications:
- Does your app work when deploy in IIS
- Does your app work when run with exe
- Are you deploy to IIS and run with exe on same computer e.g. your Azure VM?
- Can you show us a screenshot of your Protocol tcp Port Exclusion Ranges? Also together with the port you've tried to use?
- Can you share your windows security updates which is suspicious(a screenshot for the update list from the date you notice the issue) ?
-
Abhishek Prajapati 1 Reputation point
2021-07-07T14:08:55.737+00:00 @Nicole Lu-MSFT , I think I confused you. I meant to say that
I had an application running successfully on IIS as well as through EXE. But suddenly, It stopped working - from IIS as well as using EXE. Both EXE and IIS site has same port but when I wanted to run EXE, I used to stop IIS website first and then ran EXE.Here are the answers of questions:
- Does your app work when deploy in IIS
Nope, it is not working. I got an error when I open deployed site.
- Does your app work when run with exe
Nope, it is not working. I am getting this error :
An attempt was made to access a socket in a way forbidden by its access permissions.- Are you deploy to IIS and run with exe on same computer e.g. your Azure VM?
I usually do not run EXE on Azure VM but when I got this issue, I tried to run EXE and found that it is not working using EXE too. Before running EXE, I stopped IIS website as both have same port.
- Can you show us a screenshot of your Protocol tcp Port Exclusion Ranges? Also together with the port you've tried to use?
I tried another port 44387 but it still not working at all. It gets added to the exclusion list.
![112565-image.png][1] ![112635-image.png][2]- Can you share your windows security updates which is suspicious(a screenshot for the update list from the date you notice the issue) ?
-
Nicole Lu-MSFT 96 Reputation points
2021-07-09T01:33:15.277+00:00 Thank you for the information, I noticed these windows updates are for Microsoft Defender https://www.microsoft.com/en-us/wdsi/defenderupdates, if there's no other change to your VM or your app code, you may try to allow your app from firewall like: https://support.microsoft.com/en-us/windows/risks-of-allowing-apps-through-windows-defender-firewall-654559af-3f54-3dcf-349f-71ccd90bcc5c. If this is not helping, you may need to revert the updates and check if revert updates help your app work again.
Sign in to comment