Sophos Connect v2.2.90.1104 on Windows 10
scvpn.log:
2024-02-08 01:44:25PM [21436] dbg Starting HTTP server on 127.0.0.1:60110
2024-02-08 01:44:25PM [21436] dbg HTTP Server: cannot bind to 127.0.0.1:60110: 10013 (No such file or directory)
2024-02-08 01:44:25PM [21436] dbg HTTP Server: Failed to setup server ports
This issue is at least one year old, and it seems it survived the triage...
Windows error 10013 is actually WSAEACCES: An attempt was made to access a socket in a way forbidden by its access permissions (not No such file or directory).
There are numerous posts about similar issues on the internet.
The problem is that scvpn is unfortunately trying to listen on 60110 which is an ephemeral port (within the dynamic range), and such a port might be currently in use (for outgoing connections) or even reserved (by e.g. HyperV or the WinNAT service).
Workaround:
netsh int ipv4 add excludedportrange protocol=tcp startport=60110 numberofports=1
(might only work after a restart of certains services or Windows)
Proper fix: The Sophos Connect Service shall use a proper port (below the dynamic port range). It may even dynamically determine an available port and write it to some file for the client to get it from. Or use some other means of IPC.
This thread was automatically locked due to age.
