I have started an ubuntu instance on AWS EC2
e.g. [ec2-user#ip-XXX-XX-XX-XX ~]$
Inside this instance, I am running a socket program for sending the data to my local system.
The program is running properly, but not able to connect to my local IP.
I am trying to ping my local system also from AWS ec2 user, but it is also not working.But I am able to ping google(8.8.8.8).
e.g. [ec2-user#ip-xxx-xx-xx-xx ~]$ ping xxx.xxx.xx.xx(my local IP)
I have set all security groups(inbound), like All Trafic,All TCP and so on.
Sorry for bad English.
Thank You
Your computer (PC) cannot be pinged from an AWS hosted machine
This is probably because the VM on your computer is using NAT outbound to talk to the LAN, which goes to an Internet router, which sends the packets to AWS
The reverse route (inbound to your PC) does not exist so starting a ping echo request from a AWS machine will not work
It is possible to get around this by opening a pass through on your router but generally this is not a great idea
However if you want to make a socket connection securely there is a way
First, start a ssh session with remote port forwarding. In the Linux ssh client this is using the -R option.
For example, if your local system is running a listening service on port 80 and your remote system has the address of 54.10.10.10 then
ssh -R 8080:localhost:80 ec2-user#54.10.10.10
Will establish a circuit such that connections to the "localhost" on the remote ec2 server on port 8080 are connected to the "localhost" on port 80 of your local machine
If you are not using a ssh cli program, most ssh clients have a facility of this sort.
Note that it is necessary to keep the ssh session open to be able to use the connections
Related
I tried to connect a remote MongoDB Server running on Ubuntu using MongoDB Compass on Windows. But I have problems connecting always as the IP of the Windows machine changes every day.
I did the following things to connect to the remote server-
Got the IP of the Client Machine, then allowed that IP on the firewall of the server machine on port 27017.
sudo ufw allow from client_machine_ip to any port 27017
Note: The ufw status looked okay.
Got the IP of the Server Machine, then on the MongoDB configuration file on the server, I modified the bindIp.
bindIp: 127.0.0.1,server_machine_ip
Note: I restarted mongod and it was okay too.
I was able to connect the remote MongoDB Server using MongoDB Compass successfully for the first time. Then I saw, the IP of the client machine was changing every day. So, every time, the client IP changes, I need to allow that IP on the firewall of the server machine (in which I am using the MongoDB Server) on port 27017. Could you help to solve this? Thanks in advance.
You can update the firewall for port 27017 to allow from anywhere since client machine IP is not static.
sudo ufw allow 27017 #(this will allow from any IP)
I have a PgAdmin server running on localhost and I'm trying to connect to it from another computer on the same network (they have the same IPv4 address).
I've gone through a lot of questions but all of them explain how to connect to a remote server, which I assume is running on an available host.
I've tried:
adding listen_addresses = '*' to postgresql.conf (on both computers)
adding host all all 0.0.0.0/0 md5 to pg_hba.conf (on both computers, replacing 0.0.0.0/0 with a variety of ip addresses)
some other things I saw in tutorials but don't remember
What I'm trying to understand is:
Is it possible to connect remotely to a server running on localhost?
If it is possible, which IP address does the remote computer need to connect?
You need to resolve some basic questions first:
What is the IP of the computer where PG is running? e.g. 192.168.100.10
Which port is PG exposed on? e.g. 9999
After you collected the two above information you can go on the second computer where you have pgAmin and execute
telnet <host> <port>
substituting <host> and <port> with the info collected above. If telnet replies with
Trying ::1...
Connected to <host>.
Escape character is '^]'.
this should mean that the port is open and PG should be listening on that host:port. You found your connection string to PG!
I am just sharing my understanding here. Corrections are welcome.
pgAdmin can connect to one/more postgres servers via TCP over using JDBC like protocol. pgAdmin is just a stand-alone web-interface ( web adapter ).
So some web-server configuration/tuning should be needed in pgAdmin configuration to enable access from remote machines.
Trying to understand how this works, documentation isn't very clear. Using AWS quickstart-mongo, I am making a VPN for 3 Mongo nodes, with a bastion server. I can log into my bastion server via SSH and my key. Then I can copy the key to bastion server and SSH into the primary replica node. This node is running mongo and shows via rs.status() that all 3 nodes are running correctly.
Once logged into bastion server, I try to do curl primary-mongo-node-ip:27017, and it seems to hang.
Local Computer -> Bastion Server -> Replica Node 1 / 2 / 3
I think I understand I need to somehow connect to Bastion server, then set up a ssh forwarding to primary-mongo-node-ip:27017, sec1-mongo-node-ip:27017, sec2-mongo-node-ip:27017, so that my mongo URI connection looks like this:
SSH into bastion-dns
mongodb://user:pass#localhost:1000,localhost:1001,localhost:1002/database
How do I do this when I cant event connect to the server on bastion servers without SSH?
Assuming that the Mongo instances allow traffic from Bastion Host (in security groups) for required ports, you can use SSH tunnelling mechanism to access the cluster/instance from your local host:
ssh -N -L <local_port_x>:<mongoDB instance ip>:<mongo_port_y> <ssh_username>#<bastion_host_ip> -i <ssh_key_path>
Local_Port_X : Port on your local machine where you want to access remote Mongo instance
MongoDB Instance IP : ip address for ec2 instance hosting MongoDB
Mongo_Port_Y : Port that MongoDB is listening on (seems 27017 from your question - please do verify that you can talk to Mongo Instance from within Bastion host on this port)
Bastion_Host_Ip : IP address on bastion host which should directly be reachable from your local machine
I'm trying to open a port on Windows Azure, and I have already:
Open a port on Azure portal using NSG
Open a port on Linux virtual machine (iptables)
The port is open for all machines in the Windows Azure LAN network
I can't telnet from my remote host to Azure VM on PgSQL port (5432)
I have the same rule on iptables for 22 port and 8080 and those two rules are working...from my remote host..
I have also try to use tcpdump but I can't capture any packages for 5432 port when I try do telnet this port form my remote host...
No, my ISP don't block this port
I'm running out of ideas... if Azure is blocking the port, what will be point of setting NSG in the first place?
I have solved this problem some time ago, maybe it will be useful for someone. EnyĆej, when creating rules for azure firewall the numbers are very important:
if you have:
1000 allow-default-ssh
2000 allw-default-sth
don't create a rule with numbers like 1100 allow-smtp, start with a higher number like 2100.
I have PostgreSQL 9.4 running on a Linux VPS, and I need to be able to connect to it over SSH from both Linux and Windows clients. (I will later need to connect to multiple servers, and so that all clients use the same port numbers, I'm forwarding to port 5551 for the first server, then I will use 5552, 5553, etc.)
From a Linux client I just run ssh -fNg -L 5551:localhost:5432 user#remote1.com and connect to localhost:5551 with PGAdmin3 or any other client app. Works great.
On Windows, I'm using PuTTY and Pageant. I got the connection to user#remote1.com via terminal working, then I went to the SSH Tunnels and added L5432 localhost:5551. Terminal connection still works, but when I try to connect with PGAdmin3 to localhost:5551 I get an error:
could not connect to server: Connection refused (0x0000274AD/10061) Is the server running on host "localhost" (::1) and accepting TCP/IP connections on port 5551?
I resolved it. Like many things, this is obvious in hindsight. I had things backward in the SSH Tunnels setup in PuTTY. It needs to be L5551 remote1.com:5432