599 Internal Exception on transfer attempt

kwdamp

Well-Known Member
Dec 7, 2017
51
5
8
usa
cPanel Access Level
Root Administrator
I've tried everything I know and I cannot get past the error on attempting to connect to another one of my servers to transfer accounts:

(XID wyshek) The system stopped waiting to connect to “server2.redacted.com” on port “22” after 15 seconds. Failed to establish session and parse security token: 599 Internal Exception (Could not connect to 'server2.redacted.com:2087': Connection timed out ) at /usr/local/cpanel/3rdparty/perl/532/lib/perl5/cpanel_lib/cPanel/PublicAPI.pm line 526.

I found the other thread on this and worked through the troubleshooting at steps https://support.cpanel.net/hc/en-us...Transfer-Tool-results-in-Connection-timed-out.

I still cannot get it to connect.

I've installed ConfigServer on both systems and made sure port 22 is listed in the tcp and confirmed both servers are listening on port 22. I've whitelisted the ip's from both accounts on both servers in the firewall. I've triple checked the root password. I've made sure that SSH Password Authorization Tweak is enabled to allow a pure password based login on both servers.

I'm not sure what else to do. I thought this tool was virtually fool proof.
 
Last edited by a moderator:

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
9,796
1,529
313
cPanel Access Level
Root Administrator
Hey there! It doesn't look like it's complaining about port 22, as the error is with port 2087. You can try a basic telnet test from the Destination machine to the Source machine with port 2087 to see if that connection works.

Code:
telnet source_server_name_or_IP 2087
If "telnet" isn't installed, a simple "yum install telnet" will take care of it as that package is provided by the operating system.
 

kwdamp

Well-Known Member
Dec 7, 2017
51
5
8
usa
cPanel Access Level
Root Administrator
Hey there! It doesn't look like it's complaining about port 22, as the error is with port 2087. You can try a basic telnet test from the Destination machine to the Source machine with port 2087 to see if that connection works.

Code:
telnet source_server_name_or_IP 2087
If "telnet" isn't installed, a simple "yum install telnet" will take care of it as that package is provided by the operating system.
It says Trying and then returns w/ Connection timed out a few minutes later.
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
9,796
1,529
313
cPanel Access Level
Root Administrator
So that's the issue then. If you're not seeing any firewall settings that would block port 2087 on either end you may need to reach out to your provider to have them check the network settings at a higher level than your server.
 

kwdamp

Well-Known Member
Dec 7, 2017
51
5
8
usa
cPanel Access Level
Root Administrator
So that's the issue then. If you're not seeing any firewall settings that would block port 2087 on either end you may need to reach out to your provider to have them check the network settings at a higher level than your server.
Ok, is there a terminal command to check that specific port on a machine?
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
9,796
1,529
313
cPanel Access Level
Root Administrator
There is, but it depends on what firewall and operating system you're running. Most systems will respond well to this command:

Code:
iptables -L -n | grep :2087
which should give you this output if the port is open and working normally:

Code:
# iptables -L -n | grep :2087
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            ctstate NEW tcp dpt:2087
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            ctstate NEW tcp dpt:2087
It's important to note that just because it's opened locally doesn't mean there isn't a network device outside of your machine that could be blocking incoming connections.

Another very easy well to tell if port 2087 is open is that your WHM access would not work if it wasn't.
 

kwdamp

Well-Known Member
Dec 7, 2017
51
5
8
usa
cPanel Access Level
Root Administrator
There is, but it depends on what firewall and operating system you're running. Most systems will respond well to this command:

Code:
iptables -L -n | grep :2087
which should give you this output if the port is open and working normally:

Code:
# iptables -L -n | grep :2087
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            ctstate NEW tcp dpt:2087
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            ctstate NEW tcp dpt:2087
It's important to note that just because it's opened locally doesn't mean there isn't a network device outside of your machine that could be blocking incoming connections.

Another very easy well to tell if port 2087 is open is that your WHM access would not work if it wasn't.
Ok. Yes, that all looks correct and I can definitely connect to WHM via the web interface.

I will wait for a response from the ISP. Thx
 
  • Like
Reactions: cPRex

kwdamp

Well-Known Member
Dec 7, 2017
51
5
8
usa
cPanel Access Level
Root Administrator
I believe the ISP tech ended up reaching out to cpanel as they also couldn't find anything. In the end they came back with this, and it appears to work, if anyone else has this problem down the road.

The subnet mask on eth0 on for server2.redacted.com was configured to prevent it from reaching anything on 184.194.x.x We will be restarting networking now - please stand by.