I need to find out why I'm not able to ping my local IP for my main computer from my ubuntu wsl terminal. For some reason, the WSL ip is 172.24.61.1/20. I have a postgresql server on 192.168.1.247 my main pc but it cannot even ping it. Anyone know why?
Firewall!
Turn off the firewall in windows and check the ping. Once it starts pinging add a rule for incoming and outgoing.
To turn off firewall in linux just use
systemctl stop firewalld
that is if you have firewall installed there, check it by using
systemctl status firewalld
Related
I am trying to set remote access for my fresh installed mongod service but it is turning impossible by now.
Database works just fine local but there is no way to make it works remote. These are the steps I have already tried it:
1- I set up Oracle subnet to allow 27017/tcp traffic.
2- Able 27017/tcp traffic in the Oracle Compute firewall.
3- Set up the mongod.conf bindIp property to 0.0.0.0
After that mongod service fails to startup.
Then I changed the bindIp property to my public Oracle Compute ip address and it fails as well.
After that I used the internal ip address of the Oracle Compute, bindIp: 10.0.0.151
$ ip a | grep "net"
Output:
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
inet 10.0.0.151/24 brd 10.0.0.255 scope global enp0s3
inet6 fe80::17ff:fe0c:78d6/64 scope link
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
The mongod service now startup properly but it is not possible to connect to the database from a remote system. I get the following error when trying to connect from my desktop system using mongosh on windows 11.
MongoServerSelectionError: connect ETIMEDOUT server_ip:27017
I would really appreciate any help. Thanks.
Do you have egress security rule? Is there an NSG in place? Do you have IG and proper routing?
Can you create a network stack and post it?
PS: Autonomous DB now comes with MongoDB API, you can try that as well.
I don't know if you still need help, but just in case if you do and for anyone in the future that may have a similar issue, I just got my remote connection to my OCI (Oracle Cloud instance) MongoDB server working.
Here are the steps I took to get it working.
You first need to have an Ingress Rule in the Default Security List for your OCI's subnet to allow TCP connections from your remote computer IP (the computer that will connect remotely to your OCI) to port number 27017 (Mongo's default port unless you changed it).
To get to the page to setup an Ingress Rule follow this article from steps 1-7:
When you've reached step 7, the page should be similar to the image below.
In the input for "Source CIDR", type the public IP address of the computer that will connect to your OCI remotely. If you don't know it's public IP, then on the computer that will connect remotely to your OCI, go to this website. The public IP address will be next to IPV4. Back in the Source CIDR input, following the public IP address, add the IP subnet mask to determine the amount of IPs the rule is for. For example, 100.0.0.0/24 will cover the IPs 100.0.0.0 - 100.0.0.255 while 100.0.0.23/32 will only cover that one specific IP.
Under IP Protocol, select TCP if it's not already selected.
Under Destination Port Range, type 27017 (or the port number your MongoDB server is using if you changed it from its default).
Under Description, you can write whatever you want or leave it blank.
To save the new rule, click on Add Ingress Rules.
Inside of your OCI (aka you've SSH into it), setup Mongo's config file.
Mongo's configuration file should be located at /etc/mongod.conf
Open the file and under net, set the bindIp to 0.0.0.0
Restart Mongo Service and check that it's running.
Restart command: sudo systemctl restart mongod
Status check command: sudo systemctl status mongod
(If not running) Start service command: sudo systemctl start mongod
You should see the service as active.
Lastly, we need to set up the firewall permissions.
I've made the mistake of spending hours on hours trying to figure out why my firewall rules weren't working when I knew I had set things up correctly. Well, it turns out that using ufw is ineffective and that you should use firewalld instead.
Make sure that ufw is disabled by typing the command sudo ufw status. It should show it as inactive. If it's active, you can disable it with the command sudo ufw disable. Then check the status of it again to make sure it's disabled.
To install firewalld, enter the command sudo apt install firewalld
To open port 27017 (or the port you set your Mongo server to), type in the command sudo firewall-cmd --add-port PORT#/tcp --permanent while changing PORT# to the port of your Mongo server. The --permanent tag makes the rule exist even after the firewall is reloaded or if the OCI is rebooted. An example of the command using the default Mongo server port is sudo firewall-cmd --add-port 27017/tcp --permanent
If you need to undo the command, type the same command but change --add-port to --remove-port. An example of that is sudo firewall-cmd --remove-port 27017/tcp --permanent
Lastly, we just need to restart firewalld with the command sudo firewall-cmd --reload
To make sure that the port was added, type in sudo firewall-cmd --list-all and under ports, you should see the port you added. Now from your remote computer, you should be able to connect to the Mongo server on your OCI by using the public IP address of your OCI (the same address you used to connect to the OCI through SSH).
I tried to connect a remote MongoDB Server running on Ubuntu using MongoDB Compass on Windows. But I have problems connecting always as the IP of the Windows machine changes every day.
I did the following things to connect to the remote server-
Got the IP of the Client Machine, then allowed that IP on the firewall of the server machine on port 27017.
sudo ufw allow from client_machine_ip to any port 27017
Note: The ufw status looked okay.
Got the IP of the Server Machine, then on the MongoDB configuration file on the server, I modified the bindIp.
bindIp: 127.0.0.1,server_machine_ip
Note: I restarted mongod and it was okay too.
I was able to connect the remote MongoDB Server using MongoDB Compass successfully for the first time. Then I saw, the IP of the client machine was changing every day. So, every time, the client IP changes, I need to allow that IP on the firewall of the server machine (in which I am using the MongoDB Server) on port 27017. Could you help to solve this? Thanks in advance.
You can update the firewall for port 27017 to allow from anywhere since client machine IP is not static.
sudo ufw allow 27017 #(this will allow from any IP)
I have a cloud Ubuntu VM which is in some resource group of company's subscription.
I do not have access to azure portal.
I had opened up the ports whichever relevant in azure portal while choosing Virutal Machine. Now I need some more ports to gets opened up, wherein I have hurdles and complications regards to that.
Command ip address gives following ip for eth0 as it is default configuration.
inet 10.0.0.4/24
Wherein some dynamic ip assigned to this host 13.71.17.175 by azure, using which we access services whichever we run. I do not know how this routing happens. Now I need to open up few more ports, and I do not have access to azure portal.
I observed uncomplicated firewall,- ufw enablement works but leads to complication, as it overrides firewall configurations, I need to completely port all firewall configurations including ssh port,- 22 provisioning.
So sudo ufw enable is very dangerous on azure cloud Linux variant VMs. On the same pact we should do sudo ufw disable, else it is lockout situation if ssh port not provisioned by ufw. Once in fact I had requested my Senior Folk and ran the command sudo ufw disable through some Azure Virtual Machine Serial Console for the UbuntuVM
Now my question is basically,
sudo ufw allow from any to any port 18081 proto tcp
is not working.
After it is done, as per my observation, I am not able to access http:\\13.71.17.175:18081\
What ufw command I have to run in order to bridge 10.0.0.4 with dynamic ip assigned to host in azure portal,- 13.71.17.175
Service runs on 0.0.0.0:18081 and it is nexus service
$ netstat -tuplen|grep 18081
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
tcp 0 0 0.0.0.0:18081 0.0.0.0:* LISTEN 0 114209 -
From my machine, somehow test-netconnection 13.71.17.175 -p 18081 succeeded in powershell. But I do not know why http:\\13.71.17.175:18081\ didn't turn up.
And one more important thing, even restart of UbuntuVM in azure portal didn't turn off ufw.
Once this port is up & running, I have to port all firewall configuration to uncomplicated firewall,- ufw, that's how I could succeed with my config. and I do not have any other choice.
Now I had configured all the ports and enable ufw, but it looks like it requires restart. And I didn't do any bridging or routing to any other ip, rather opened up the ports in the present system. In order to enable ufw, system restart is required.
$ sudo ufw enable
Command may disrupt existing ssh connections. Proceed with operation (y|n)? y
Firewall is active and enabled on system startup
I had opened all the required ports say,
sudo ufw allow ssh
sudo ufw allow http
sudo ufw allow https
sudo ufw allow from any to any port 3306
sudo ufw allow from any to any port 18081
sudo ufw allow from any to any port 15672
sudo ufw allow from any to any port 8081
sudo ufw allow from any to any port 5672
sudo ufw allow from any to any port 5671
Here if ssh is not provisioned, then I have to go back to Azure portal to disable ufw :(
I'm use Linux server with vsftpd connection created successfully but i can't retrieve the files
Your screenshot shows that the connection timed out when trying to transfer something (LIST) after switching to Passive Mode (PASV). In my opinion, probably your firewall is not correctly configured for Passive Mode and therefore is blocking the connection.
Try allowing incoming (inbound) connections on port 40000 to 50000 for all IP address or the IP address of your FTP client. Configuring firewall is firewall-specific, therefore, I cannot give you detailed instruction on how to do this.
sudo ufw allow 40000:50000/tcp
sudo service vsftpd restart
I've installed MongoDB on my Ubuntu 16.04 VPS and allowed connections through the firewall. When I run the server using the command (mongod), it starts without a problem and I can then connect to it (using RoboMongo as test application).
However, when I run the service automatically on startup (using systemctl), I cannot connect to it. I verified it was running, and could not run it myself as the address was already in use.
Does anyone have any experience with this, or any tips on how to solve the problem? The server will be running localhost only and I'm going to be using an SSH tunnel for testing purposes, so no authentication is necessary.
Anyone?
When you started mongod did you then provide a configuration file (using the --config or -f parameter)? If not then it defaults to listening on all interfaces.
The default configuration file which is used when starting the daemon with systemctl defaults to only listen on localhost preventing it from being available on the network. This is fine if you intend to connect to the server using a tunnel.