ASP.NET Core: Unable to start Kestrel. An attempt was made to access a socket in a way forbidden by its permissions

Abhishek Prajapati
1
Reputation point
I have an ASP.NET Core application running smoothly on IIS and suddenly it start throwing below error while running EXE.
[23:14:04 FTL] Unable to start Kestrel.
System.Net.Sockets.SocketException (10013): An attempt was made to access a socket in a way forbidden by its access permissions.
at System.Net.Sockets.Socket.UpdateStatusAfterSocketErrorAndThrowException(SocketError error, String callerName)
at System.Net.Sockets.Socket.DoBind(EndPoint endPointSnapshot, SocketAddress socketAddress)
at System.Net.Sockets.Socket.Bind(EndPoint localEP)
at Microsoft.AspNetCore.Server.Kestrel.Transport.Sockets.SocketConnectionListener.Bind()
at Microsoft.AspNetCore.Server.Kestrel.Transport.Sockets.SocketTransportFactory.BindAsync(EndPoint endpoint, CancellationToken cancellationToken)
at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServer.<>c__DisplayClass21_0`1.<<StartAsync>g__OnBind|0>d.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.BindEndpointAsync(ListenOptions endpoint, AddressBindContext context)
at Microsoft.AspNetCore.Server.Kestrel.Core.ListenOptions.BindAsync(AddressBindContext context)
at Microsoft.AspNetCore.Server.Kestrel.Core.AnyIPListenOptions.BindAsync(AddressBindContext context)
at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.AddressesStrategy.BindAsync(AddressBindContext context)
at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.BindAsync(IServerAddressesFeature addresses, KestrelServerOptions serverOptions, ILogger logger, Func`2 createBinding)
at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServer.StartAsync[TContext](IHttpApplication`1 application, CancellationToken cancellationToken)
[23:14:04 FTL] Api host terminated unexpectedly
I can see that the port this app is using is in Protocol tcp Port Exclusion Ranges
. And I have tried changing port too but as soon as I change the port, new port is also added to this Protocol tcp Port Exclusion Ranges
list.
I have tried below steps to fix this issue:
- Changed port
- Reboot system
- Removed port from Exclusion list but when tried to run app, it gets added again
I am not sure is it because of the latest windows security updates?
Does anyone know how to fix this issue?
Thanks,
Abhishek
Hello @Rena Ni - MSFT ,
I can see my windows(local and Azure VM) got some security updates recently. Yes, I have deployed this app on IIS on Azure VM and it is running on same port. I tried changing port in IIS website but no luck, Still getting the same result - not working. When I change port in IIS, it gets added to this exclusion list.
Hi @Abhishek Prajapati this comment seems conflict with what you're saying in your questions. Please give some more clarifications:
@Nicole Lu-MSFT , I think I confused you. I meant to say that
I had an application running successfully on IIS as well as through EXE
. But suddenly, It stopped working - from IIS as well as using EXE. Both EXE and IIS site has same port but when I wanted to run EXE, I used to stop IIS website first and then ran EXE.Here are the answers of questions:
Thank you for the information, I noticed these windows updates are for Microsoft Defender https://www.microsoft.com/en-us/wdsi/defenderupdates, if there's no other change to your VM or your app code, you may try to allow your app from firewall like: https://support.microsoft.com/en-us/windows/risks-of-allowing-apps-through-windows-defender-firewall-654559af-3f54-3dcf-349f-71ccd90bcc5c. If this is not helping, you may need to revert the updates and check if revert updates help your app work again.
Sign in to comment