Troubleshooting Web Deploy 3.5 Connection Issues: ERROR_DESTINATION_NOT_REACHABLE on Windows Server 2008 R2


2 views

html

When Web Deploy fails with ERROR_DESTINATION_NOT_REACHABLE despite all services running, network-level blocking is often the culprit. Let's verify connectivity step-by-step:

# PowerShell port test
Test-NetConnection -ComputerName yourserver -Port 8172

# If blocked, check firewall rules:
netsh advfirewall firewall show rule name=all | find "8172"

# Alternative telnet test (Windows feature needs enabling):
telnet yourserver 8172

Beyond basic service status checks, examine these critical configurations:

# Check WMSVC binding configuration
Get-ItemProperty -Path "HKLM:\\SOFTWARE\\Microsoft\\WebManagement\\Server" -Name "EnableRemoteManagement"

# Verify Web Deploy provider installation
Get-ChildItem "HKLM:\\SOFTWARE\\Microsoft\\IIS Extensions\\MSDeploy"

When all else fails, capture network traffic using these methods:

# Netsh trace (run on both client and server)
netsh trace start scenario=NetConnection capture=yes tracefile=webdeploy_trace.etl

# After reproduction:
netsh trace stop

# Analyze with Microsoft Message Analyzer or Wireshark
# Filter for port 8172 traffic

If standard Web Deploy fails, try these fallback approaches:

# 1. Use service URL directly
msdeploy -verb:sync -source:contentPath="C:\\site" -dest:contentPath="site",computerName="https://yourserver:8172/msdeploy.axd",authType="Basic",userName="user",password="pass"

# 2. Temporary HTTP binding
netsh http add urlacl url=http://+:8172/ user=Everyone

# 3. Local admin share fallback
msdeploy -verb:sync -source:contentPath="C:\\site" -dest:contentPath="site",computerName="yourserver",userName="admin",password="pass",authtype="NTLM"

Advanced troubleshooting requires registry inspection:

# Enable WMSVC verbose logging
Set-ItemProperty -Path "HKLM:\\SOFTWARE\\Microsoft\\WebManagement\\Server" -Name "Debug" -Value 1

# Web Deploy tracing
Set-ItemProperty -Path "HKLM:\\SOFTWARE\\Microsoft\\IIS Extensions\\MSDeploy\\3" -Name "TraceLevel" -Value 4

# Log locations:
# WMSVC: C:\\inetpub\\logs\\wmsvc\\W3SVC*
# MSDeploy: %TEMP%\\MSDeploy*.log

When attempting to publish a website from Visual Studio 2013 to a Windows Server 2008 R2 Standard (SP1) machine, the connection fails with:

Could not connect to remote computer (computer name). Make sure Web Management Service is started.
Learn more at http://go.microsoft.com/fwlink/?linkId=221672#ERROR_DESTINATION_NOT_REACHABLE

Before diving deeper, let's document what's already been checked:

  • Web Management Service (WMSvc) running and set to Automatic
  • Web Deployment Agent Service running
  • Web Deploy 3.5 installed with all components
  • Firewall rules for port 8172 confirmed
  • Remote connections enabled in IIS Management Service
  • Proper user delegation configured

Basic connectivity checks reveal deeper issues:

telnet server_name 8172
# Returns: Could not open connection to the host, on port 8172: Connect failed

Using PowerShell for more advanced testing:

Test-NetConnection -ComputerName server_name -Port 8172
# Expected output should show TcpTestSucceeded: True

Let's verify the WMSvc settings through PowerShell:

Get-Service -Name WMSvc | Select-Object Name,Status,StartType
Get-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\WebManagement\Server" -Name "EnableRemoteManagement"

The registry key should return "1" for remote management being enabled.

Beyond basic port checking, we need to examine firewall rules in detail:

netsh advfirewall firewall show rule name=all | findstr "8172"
# If no output, create the rule:
netsh advfirewall firewall add rule name="Web Deploy" dir=in action=allow protocol=TCP localport=8172

The webdeploy.axd handler might need explicit verification:

# On the server, check handler mappings in IIS
%windir%\system32\inetsrv\appcmd list config -section:system.webServer/handlers | findstr "webdeploy.axd"

When standard logs aren't available, we can enable deeper diagnostics:

# Enable WMSvc tracing
wevtutil set-log "Microsoft-Web-Deployment/Operational" /enabled:true
wevtutil set-log "Microsoft-Web-Deployment/Debug" /enabled:true

If standard Web Deploy fails, try these fallback methods:

# Using Web Deploy command line for testing
msdeploy -verb:getDependencies -source:webserver60 -dest:archivedir=c:\temp\archive

Permission issues often manifest as connectivity problems:

# Check service account for WMSvc
Get-WmiObject Win32_Service | Where-Object {$_.Name -eq "WMSvc"} | Select-Object Name,StartName
  • Verify physical network connectivity (ping, tracert)
  • Confirm DNS resolution (nslookup)
  • Check for IP restrictions in IIS Management Service
  • Validate SSL certificate if using HTTPS
  • Test with both machine name and IP address