As shown in the picture below, I want to open a VNC session with the VNC-Viewer client on Windows:
When I want to open a session in VNC-Viewer I get this error:
My attempts to reach the private subnet:
Check jump: jump to ODI-Private from Bastion: ssh -J opc@xx.xx.xx.xx opc@10.0.19.177
I can jump successfully
Check if VNC is running: ps -ef |grep vnc
Seems to be running
Add ingress and egress rules for port 5901 in public and private subnet
Opening Port: 5901 in Bastion:
sudo firewall-cmd --permanent --zone=public --add-port=5901/tcp
Verify the listening port in Bastion:
Verify the listening port in ODI Private Subnet:
Telnet in Bastion to ODI
Ping ODI Host
Stopped the firewall in Bastion, no success either
I am currently very perplexed and need help.
My Oracle instruction: https://docs.oracle.com/en/middleware/fusion-middleware/data-integrator/12.2.1.4/dimgs/getting-started-oracle-cloud-marketplace.html#GUID-CFB26CEA-DE22-4FD4-91DF-D9CAA48847BE
Thanks for your support. Port 5901 was not enabled permanently.
I have a CentOS 7 VM built using Vagrant with a private IP address of: 192.168.56.255
I am running my Spring Boot application on that VM on port 8443. It supports HTTPS. My issue is that when I try to send HTTPS requests to the 192.168.56.255 web server via the curl command I get
curl: (7) Couldn't connect to server
I have read many tutorials that explain how to configure my firewall in CentOS 7 but still got the same issue; one is provided by DigitalOcean
When I type
sudo firewall-cmd --list-all-zones
I got
public
target: default
icmp-block-inversion: no
interfaces:
sources:
services: ssh dhcpv6-client https http mysql
ports: 8443/tcp 3306/tcp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
As you can see I enabled everything I need and more but still. I even shut down the Firewall but still the connection is refused from my host.
When I made the changes I did reload my firewall
sudo firewall-cmd --reload
So that is not the problem
The problem was not with firewalld but with the pre-configured IP address using Vagrant.
The IP address should not be 255 in the first byte as I did with 192.168.56.255
because that indicates that this is a broadcast address. So I solved it by changing it to 192.168.56.10
I have two VirtualBox Vagrant machines running on my Mac:
Ubuntu 16.04.1, private network: 192.168.122.13, running as a webserver (PHP, Apache, etc.).
Ubuntu 16.04.1, private network: 192.168.122.14, running MySQL.
How do I connect to MySQL from the webserver?
I have enabled port forwarding on the MySQL box (3306 guest => 5629 host) and commented out the bind-address line in /etc/mysql/mysql.conf.d/mysqld.cnf. If I SSH onto the webserver and try to connect using mysql -host 192.168.122.14 -P 5629 -u xxx -p yyy the connection times out (ERROR 2003 (HY000): Can't connect to MySQL server on '192.168.122.14' (110)).
MySQL runs on the Vagrant box with IP 192.168.122.14, and is listening on port 3306. When you forward ports, it means that port 3306 from the virtual machine is forwarded to your host OS on port 5629.
From your web server (192.168.122.13) you could connect to mysql by
mysql -h 192.168.122.14 -P 3306
or
mysql -h 192.168.122.1 -P 5629
Here 192.168.122.1 refers to the IP of your host OS. The IP 192.168.122.1 is created by Vagrant and assigned to your host OS.
I'm running postgresql on a Vagrant centos 7.2 box on macOS. I have confirmed postgres is up and running on the Vagrant box on port 5432 by connecting to it using psql on the box itself. I am attempting to forward port 5432 on the Vagrant box to port 10001 on my host machine as follows:
config.vm.define "acc_db" do |acc_db|
  acc_db.vm.box = "bento/centos-7.2"
  acc_db.vm.hostname = "acc.db"
  # Forward guest port 5432 (PostgreSQL) to port 10001 on the host
  acc_db.vm.network :forwarded_port, guest: 5432, host: 10001
  acc_db.vm.provision "shell",
    inline: "yum upgrade -y -q --nogpgcheck"
  acc_db.vm.provision "shell",
    path: "install_postgres.sh"
end
I have altered my pg_hba.conf to bind to all ip addresses and allow password authentication, as below:
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all peer
# IPv4 local connections:
host all all 0.0.0.0/0 md5
# IPv6 local connections:
host all all ::1/128 ident
I have turned off the firewall but I am still unable to connect to postgres on port 10001 on the host machine:
psql: could not connect to server: No such file or directory
Is the server running locally and accepting
connections on Unix domain socket "/tmp/.s.PGSQL.10001"?
How do I fix this so that port forwarding works?
I have seen https://gielberkers.com/fixing-vagrant-port-forwarding-osx-yosemite/ but haven't tried it as it involves touching files I'm unfamiliar with. Is it the correct approach? It looks like you have to explicitly allow every port you want to forward via Vagrant.
...connections on Unix domain socket "/tmp/.s.PGSQL.10001" means that you are not attempting a TCP/IP connection, so port forwarding cannot happen.
By default, psql uses Unix domain sockets on Unix-like OSes.
Use the -h option of psql to specify a host, presumably 127.0.0.1 if using IPv4.
Additionally, the PostgreSQL server must listen to the network interface to which the connection will be routed. By default, it listens only to localhost for security reasons.
Setting listen_addresses='*' in postgresql.conf makes it listen on all existing interfaces.
I have an EC2 instance which is running with the following security groups:
HTTP - TCP - 80 - 0.0.0.0/0
Custom UDP Rule - UDP - 1194 - 0.0.0.0/0
SSH - TCP - 22 - 0.0.0.0/0
Custom TCP Rule - TCP - 943 - 0.0.0.0/0
HTTPS - TCP - 443 - 0.0.0.0/0
However, when I try to access http://{PUBLIC_IP} or https://{PUBLIC_IP} in the browser, I get a "{IP} refused to connect" error. I'm new to AWS. Am I missing something here? What should I do to debug?
One way to debug this particular class of problem is to use netcat in order to determine where the problem lies.
If you run netcat against port 80 on the public IP address of your instance and just get a hang (no output at all), then most likely your security group isn't allowing traffic through. Here is an example from an EC2 instance that is in a security group that doesn't allow port 80 traffic inbound:
% nc -v 55.35.300.45 80
<just hangs>
Whereas if the security group is changed to allow port 80, but the EC2 instance doesn't have any process listening on port 80, you'll get the following:
% nc -v 55.35.300.45 80
nc: connectx to 52.38.300.43 port 80 (tcp) failed: Connection refused
Given that your browser gave you a similar "connection refused", most likely the problem is that there is no web server running on your instance. You can verify this by ssh'ing into the instance and seeing if you can connect to port 80 there:
ssh ec2-user@55.35.300.45
% nc -v localhost 80
nc: connect to localhost port 80 (tcp) failed: Connection refused
If you get something like the above, you're definitely not running a webserver.
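The hang-versus-refused distinction from the answer above, as an added Python example that is not part of the original answer. The function names `diagnose` and `probe` and the 3-second timeout are this example's own choices, and the default host and port are placeholders.

```python
import errno
import socket
import sys

def diagnose(exc):
    """Map the outcome of one TCP connect (None = success) to a likely cause."""
    if exc is None:
        return "open: a process accepted the connection"
    if isinstance(exc, ConnectionRefusedError):
        # A RST came back: traffic reaches the host, nothing listens there.
        return "refused: reachable, but no listener on that address and port"
    if isinstance(exc, (socket.timeout, TimeoutError)):
        # No reply at all, like the hanging nc: packets are being dropped.
        return "timeout: filtered (security group, NACL or a dropping firewall)"
    if isinstance(exc, OSError) and exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
        # Also what a firewall that rejects with ICMP (as firewalld typically does) produces.
        return "unreachable: no route, or a firewall rejecting with ICMP"
    return f"other: {exc}"

def probe(host, port, timeout=3.0):
    """Try one TCP connect and return (state, explanation)."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            exc = None
    except OSError as e:
        exc = e
    text = diagnose(exc)
    return text.split(":", 1)[0], text

if __name__ == "__main__":
    # Usage: python probe.py HOST PORT  (the defaults are placeholders)
    host = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"
    port = int(sys.argv[2]) if len(sys.argv) > 2 else 80
    print(f"{host}:{port} -> {probe(host, port)[1]}")
```

Run it once from outside and once on the instance itself: "timeout" outside with "open" inside points at the security group or firewall, while "refused" in both places means no server is listening.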
I'm not sure if it's too late to help but I was stuck with a similar issue with my test server
SG Inbound: ssh -> 22
HTTP -> 80
NACL: default allow/deny settings
but I still couldn't ping the server from my browser. Then I realized there's nothing running on the server that can serve the request, and I started the httpd server (web server) and it worked.
sudo yum -y install httpd
sudo service httpd start
This way you can test the connectivity if you are playing with SGs and NACLs, and of course it's not the only way, just an example if you're figuring your system N/W out.
Have you installed a web server (nginx/apache) to serve your requests? If so, please share the config files. (So that it will help to troubleshoot.)
I think the reason is probably that you did not set up a web server for your EC2 instance, because if you try to access http://{PUBLIC_IP} or https://{PUBLIC_IP}, you need to have a background server to serve the HTTP request, as @Niranj Rajasekaran said.
By the way, by simply pinging the {PUBLIC_IP}, you could see if your connection to your EC2 instance is normal or not.
In command prompt or terminal, type
ping {PUBLIC_IP}
In my case, the server was running but available on just 127.0.0.1 so it refused connections from external hosts. To see if this is your situation, you can run
netstat -an | grep <port number>
If it says 127.0.0.1:<port number> instead of 0.0.0.0:<port number>, you have this problem.
Usually there's a flag or an argument in your server code somewhere to set the host to 0.0.0.0:
app.run(host='0.0.0.0') # flask example
However, in my case, I had already set this so I thought that couldn't possibly be the issue, which is how I ended up on this thread, which asks more generally about the problem. Unfortunately, I was using docker, and had set 0.0.0.0 on the container but was mapping that explicitly to 127.0.0.1 on the host in the docker-compose port-mapping:
ports:
- "127.0.0.1:<port number>:<port number>"
Changing that line to remove the host IP specification fixed the problem upon re-deploy:
ports:
- "<port number>:<port number>"
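The netstat check described in the answer above, as an added Python example that is not part of the original answer. It assumes Linux `netstat -an` or `ss -ltn` column layout (local address in the fourth column); the sample output and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample of Linux `netstat -an` output (not taken from the page).
SAMPLE = """\
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:5432          0.0.0.0:*               LISTEN
tcp        0      0 10.10.10.41:7001        0.0.0.0:*               LISTEN
tcp6       0      0 :::8443                 :::*                    LISTEN
tcp        0      0 10.10.10.41:22          10.10.10.1:51514        ESTABLISHED
"""

WILDCARDS = {"*", "0.0.0.0", "::"}

def bind_scope(addr):
    """Classify a local bind address taken from a LISTEN line."""
    addr = addr.strip("[]")  # ss prints IPv6 addresses as [::1]
    if addr in WILDCARDS:
        return "all interfaces"
    try:
        if ipaddress.ip_address(addr).is_loopback:
            return "loopback only"
    except ValueError:
        pass  # unparsable address: fall through and report it as-is
    return f"only {addr}"

def listeners(output):
    """Return {port: [scope, ...]} for every TCP socket in LISTEN state."""
    found = {}
    for line in output.splitlines():
        fields = line.split()
        if "LISTEN" not in fields or len(fields) < 5:
            continue
        addr, _, port = fields[3].rpartition(":")
        if port.isdigit():
            found.setdefault(int(port), []).append(bind_scope(addr))
    return found

def bound_beyond_loopback(output, port):
    """True if some listener on `port` accepts connections from other hosts."""
    return any(s != "loopback only" for s in listeners(output).get(port, []))

if __name__ == "__main__":
    for port, scopes in sorted(listeners(SAMPLE).items()):
        print(port, ", ".join(scopes))
```

A listener reported as "all interfaces" is only as restricted as the firewall or security group in front of it, so widen the bind address no further than the clients that need it.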
First-time poster, but have been very impressed with this community. I've spent an embarrassing amount of time this week trying to resolve this issue - there doesn't seem to be much info on the net & I am stuck. Thanks in advance for any insights!
I am moving an existing WLS application into Docker. Goal is to have a repeatable Dev environment with WLS inside container & those containers running inside Vagrant (custom RHEL 6.5 VirtualBox).
I configured & started WLS container. I am also able to access WLS services from the container on VM. However, when I try to access the container from the host, I receive a connection timeout error.
I am running a private network 10.10.10.41 on Vagrant with port forwarding 7771:7001 - if I access that IP:Port (as I normally would when running a service within Vagrant), I get a connection refused.
I am able to run WLS "natively" from the VM and access from the host successfully. I am also able to run Apache containers from within the VM and access them from the host successfully. So the issue appears specific to WLS running inside a container in VM.
I turned off the firewall on the VM, which I've read is a common issue with Vagrant + Docker.
I have a whole host of information to share, but rather than drink from the firehose I will start out with a couple pieces. Happy to attach any further info as necessary. Thanks again!
Vagrantfile
config.vm.network "private_network", ip: "10.10.10.41"
config.vm.network :forwarded_port, host: 7771, guest: 7001
Dockerfile
EXPOSE 7001
Dockerrun
docker run -d -p 7001:7001 -v /my/release:/domain/release --name "wladmin" --link wlmanaged:wlmanaged my/wladmin
Container IP
docker inspect -f '{{ .NetworkSettings.IPAddress }}' wladmin
172.17.0.13
nmap VM (localhost)
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000044s latency).
Other addresses for localhost (not scanned): 127.0.0.1
Not shown: 997 closed ports
PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
111/tcp open rpcbind
nmap VM (Vagrant private network IP)
Nmap scan report for 10.10.10.41
Host is up (0.000053s latency).
Not shown: 998 closed ports
PORT STATE SERVICE
22/tcp open ssh
111/tcp open rpcbind
nmap WLS Docker Container
Nmap scan report for my.domain.com (172.17.0.11)
Host is up (0.000055s latency).
Not shown: 998 closed ports
PORT STATE SERVICE
7001/tcp open afs3-callback
7002/tcp open afs3-prserver
I found the root cause & wanted to share back.
It turns out that because Vagrant has a private network adapter, we have to bind the container to that adapter using:
docker run -d -p 10.10.10.41:7001:7001 -v /my/release:/domain/release --name "wladmin" --link wlmanaged:wlmanaged my/wladmin