I have an EC2 instance (Ubuntu 14). I've defined port 27017 in its security group to be accessed from anywhere.
I'm trying to connect from my PC (Windows 10) to the EC2 instance, but getting the following error:
MongoDB not running on the provided host and port
which is not true since I've made sure that MongoDB is running.
These were the settings I specified:
I've also tried to use SSH (which is also defined in the sercurity group and works well through terminal), but got the following error:
Error creating SSH Tunnel: (SSH) Channel open failure: Connection
refused
These were the settings I specified:
Alon,
Checkpoints
See if there is a need to change the bind_ip variable at the /etc/mongodb.conf file.
By default, it is locked to localhost.
Try setting the value to 0.0.0.0 or assign the IP that will be able to connect the DB to it.
Port is allowed in security group attached to EC2 (You mentioned its done)
Not using private IP to connect (I guess, you are using the right one as you connected through terminal)
Rare case, OS firewall
I guess point 1 should do the trick. Rest points for future reference
[Update 1]
Doc link for bindIp
https://docs.mongodb.com/manual/reference/configuration-options/#net-options
I am putting this as an answer although it is meant as a comment to the answer by raevilman above but I do not have the necessary reputation to post comments yet.
If you set the bind_ip variable to 0.0.0.0 as mentioned, MongoDB accepts connections from all IP addresses. This might be a security risk if you do not use access control.
On the other hand, if I am not wrong, the idea of a SSH tunnel is for that, in this case MongoDB, the entering connection comes from localhost so no change in the configuration should be necessary.
That said, I came here because I could not connect either. I got the error 'Error creating SSH Tunnel: Timed out while waiting for forwardOut'.
In my case the solution was to put 'localhost' in the hostname field at the top instead of the host IP.
Related
I tried to connect to my local mongodb server through compass but It throws me an error "MongoDB not running on the provided host and port", I tried to change the config file many times. I tried setting
"bindIpAll: true" , bindIp: my hostname(IPv4 Address), comment the line. Everything is a failure. Anybody help me with this.
Thanks in Advance.
Just go to task manager then click on services and search for MongoDB, right click on it and start the service.
This works for me.
Have you try port number after IP address 27017 followed by ":".
I had this issue when attempting to connect with mongoDB Compass to a mongoDB on an AWS Ubuntu Linux instance (Lightsail Service to be exact).
After reading lots of similar questions here and elsewhere (and having checked my firewall rules to allow port 27017 connections) I went to check the /etc/mongodb.conf file.
By default the bind_ip (at row 11 in my system) comes configured as 127.0.0.1, and that is fine to connect from the same machine. In this config entry you should put all the IP's that are listening for connections.
I tried to add my instance public IP just after a comma
bind_ip = 127.0.0.1,35.xx.xx.xx (where 35.xx.xx.xx was my public IP)
At this point the service didn't start anymore. I started the service manually while following the log (look under /var/log/mongodb) to read this error message:
2019-03-19T15:51:59.338+0000 [initandlisten] ERROR: listen(): bind() failed errno:99 Cannot assign requested address for socket: 35.xx.xx.xx:27017
So I tried with 0.0.0.0 as suggested on another site but it gave a similar error.
I solved this by putting my AWS instance private IP address in the config file:
bind_ip = 127.0.0.1,172.xx.xx.xx (where 172.xx.xx.xx is your PRIVATE IP)
Hope this helps!
I have stumbled with the same issue while using latest mongodb v:6.14.4, my solution is to open cmd and run 'mongo' this gives the path where the mongodb is running if already installed, copy the path from cmd and you can use as below in your node module:
const mongodb = "mongodb://127.0.0.1:27017/database-name";
I have MongoDb installed on two Ubuntu 16 VMs both hosted on the same network on Google Cloud's Compute Engine. The connecting instance has Internal IP 10.132.0.2, the database instance has 10.132.0.3.
(https://gyazo.com/59f9086591a1d6673e8194a50fff51e1)
I've opened tcp 27017 for the instance I wish to connect to. I added this using the gcloud console commands.
(https://gyazo.com/0d158aa735c6967e278fac63d598721f)
I have also tried opening tcp:1-65535;udp:1-65535 for testing purposes, with no result.
Running mongo on either instance will properly connect to it's own mongodb service, so they're installed, running and working.
On the database instance, netstat -a | grep :27017 displays that it's listening correctly.
(https://gyazo.com/0f4fb3c49a51f6886ff4ccb2d44a132a)
On the database instance, the config file at /etc/mongod.conf of the is edited so bind_ip also has the Internal IP of said instance.
(https://gyazo.com/20fb669506e7e67ef49fdcf9af6df144)
I have also tried 0.0.0.0 for testing purposes, with no result.
Running mongo 10.132.0.3 from the connecting instance results in Failed to connect to 10.132.0.3:27017, reason: errno:111 Connection refused.
(https://gyazo.com/9e5aec732e3f09cbfa62a4d78df3620f)
Running nmap -p 27017 10.132.0.3 on the connecting instance shows port 27017 is closed.
(https://gyazo.com/7ccd905db5b9946d616176b9ab75479c)
I'm at an utter loss, please help me out? :<
Your mongodb servers are only listening on the localhost address (127.0.0.1), rather than on INADDR_ANY (shows up as *:27017 in netstat).
Like this question, it looks like you need to set bind_ip = 0.0.0.0 in your mongod.conf.
Thanks to E. Anderson's link I managed to solve this issue; suddenly turning this into a duplicate. However, neither this answer nor the answer in the link were "correct".
The solution to set bind_ip=0.0.0.0 in mongod.conf is rather dangerous, besides, it didn't work. However, killing the mongodb service, and then manually running mongod --bind_ip 10.132.0.3 actually allowed my two instances to connect.
Which.. means that javadude's reply in the other thread saying "But I still dont get it. Why this did not work when I modified mongo.conf file to accept bind_ip 0.0.0.0"` also goes for me. I don't get it, but, it definitely worked to manually give it an ip-address to listen on.
I am trying to use MongoDB for remote connection. First I tried localhost and internal ip address to build the connection. Both of them succeeded. Then I tried external ip address to connect on my own computer of MAC as an experiment first. I have created an admin user for the database in MongoDB. The bind_ip option is also commented in mongodb.conf. The firewall should also have been turned down. But the connection cannot been built still. Does anyone know the reason?
Thank you very much!
To allow connecting remote clients (which is your case) to MongoDB Server.
Make sure to do set bind_ip to either of values, in your mongodb.conf file -
Following is with any IP
bind_ip = 0.0.0.0
Following for bind to specific IP
bind_ip = 10.52.36.99 (or any specific IP)
I have configured an RDS Postgres micro instance for testing but am having problem connecting. I have created a security group and allow all hosts (0.0.0.0/0) by default to port 5432 but for some reason I am not able to connect. I tried connecting to the port 5432 on the machine but it appears to be closed. Any ideas? I have verified that the security group is using the correct security group.
This is my configuration
TCP
Port (Service) Source Action
5432 0.0.0.0/0 Delete
Here is how I am trying to connect to the rds service
psql -p 5432 -h example.cs945smhrv09.us-west-2.rds.amazonaws.com -U example example
UPDATE
OK feel a little silly after figuring out that rds starts up on a private 172 subnet. I was able to connect from my ec2 instance.
Question now is there a way to put that on a public address that I can connect to? I would like to configure it with a security group that limits the source ip but then be able to connect to it with psql from my desktop.
Update 2
I don't remember all the details when I originally posted this question but it is no longer an issue. We now have a management vpc that we connect to using a vpn server. The management vpc network is trusted by the prod and devel security groups for the rds instances. We have no problem communicating with them without adding any public ips.
Step 4 of the RDS setup wizard ("Additional Config") lets you select whether the DB is Publicly Accessible or not (if it's not, access is limited to within your VPC, regardless of your security group settings). I'd imagine that determines whether the hostname resolves to 54.* vs 172.* .
Your first instance may have been set to private - as far as I can tell this can't be changed after initialization. I had a similar issue and creating a new instance set to be publicly accessible solved it for me.
My company's firewall had blocked outgoing traffic to the default postgres port, 5432. I didn't realise this until I tested the port using netcat in a terminal window, as follows:
nc -zv portquiz.net 5432
Hopefully this saves someone half a day of messing around with AWS security groups.
Absolutely there is. I have pgadmin loaded on my local machine connected to my RDS instance. |
I just confirmed that I can connect using the same syntax you used for psql, although the -U was not necessary for me (I still included both "example" parameters though)
I did edit the "default" security group and added my IP (Ip of the machine I'm connecting from)/32 to be allowed, although I'm sure you could get less restrictive than that, but I'd start there and see if it helps.
This is likely caused by your outbound firewall rules. If you're behind a corporate firewall, they will often block outbound ports above a certain number. You need to setup an SSH tunnel of some kind to avoid this.
http://conoroneill.net/accessing-amazon-rds-instances-from-your-desktop/
I had this problem. This isn't a direct solution but might work for some. I set the Postgres security group to accept connections coming from the server that will be using it (same VPC). I then set up my Postgres client to use ssh tunneling. If I need to use the command line, I simply SSH into that server and then psql from there.
You can simply use workbench recommended by aws but make sure your all postgres availibily is set to everywhere..while adding PostgrSQL 5432
https://aws.amazon.com/getting-started/tutorials/create-connect-postgresql-db/
I could not understand what bind_ip in mongodb is. I could make a remote connection from desktop to the EC2 machine by having bind_ip = 0.0.0.0, but could not make it work with bind_ip = 127.0.0.1.
Please explain me what bind_ip is and why it works for 0.0.0.0 and not for 127.0.0.1.
For reference from mongodb docs:
bind_ip
Default: All interfaces.
Set this option to configure the mongod or mongos process to bind to and listen for connections from applications on this address.
You may attach mongod or mongos instances to any interface; however,
if you attach the process to a publicly accessible interface,
implement proper authentication or firewall restrictions to protect
the integrity of your database.
You may concatenate a list of comma separated values to bind mongod to multiple IP addresses.
Everywhere it's written that you have to bind them like this
bindIp : 127.0.0.1,192.168.0.50
but it doesn't work.
how it works, in the version 3.2.0 is
bindIp : [127.0.0.1,192.168.0.50]
so try to add your ips inside the [ ]
example :
# network interfaces
net:
port: 27017
bindIp : [127.0.0.1,0.0.0.0] (read what is written below in BOLD!)
However 0.0.0.0 opens up the stuff. While this is ok for TESTING, for production you should know the security implications of this setting!
Before binding your server to 0.0.0.0, please be clear about the security implications of those changes: Your server will be publicly exposed to all IPs on the whole internet. Be sure to enable authentication on your server!
You can't access your machine when you bind it to 127.0.0.1 on EC2. That's not a bug, it's reasoned by the network interface bindings.
127.0.0.1 will only bind to the loopback interface (so you will only be able to access it locally), while 0.0.0.0 will bind it to all network interfaces that are available.
That's why you can access your mongodb on EC2 when you bind it to 0.0.0.0(as it's available through the internet now) and not via 127.0.0.1.
For local servers (like a WAMP or a local mongodb server) that won't look different to you, but for that case you should also thing that binding to 0.0.0.0 for local servers might make them available over all network interfaces (so it might be public for someone who knows your IP, if there is no firewall!)
Read on a similar question on Server Fault here.
It should be clear for anyone looking up this answer that binding your mongoDB to 0.0.0.0 could be your worst move ever.
Please read up on the following article and make sure that whenever you DO decide to go all public with your (and your customers) data, you consider the following:
Do you have additional firewall rules to decide who or what can
access your service
Understand that when using Amazon EC2, if you allow 'internal' traffic it should be considered the same as putting it wide open, you
are not alone at Amazon
Are your services password protected ? And what kind of authentication ? Is the data submitted in clear text or using
encryption
Are you using the default database names, or have you copy pasted an example?
For linking to local Mongo db installation (dev environment), I found following 3 step process much easier - and it worked.
docker run -d -p 27017-27019:27017-27019 --name mongodb mongo
docker exec -it mongodb bash
mongo (voilla - you are in i.e. connected to Mongo dab)
Source: https://www.thepolyglotdeveloper.com/2019/01/getting-started-mongodb-docker-container-deployment/