Not able to access Rest Endpoint by machine name over vpn - spring-boot

I am facing issue with Rest Endpoint. When I am trying to access url with machine name instead of localhost, It is giving Access Denied error. It will give this error only over VPN connection otherwise it is working fine without VPN.
I do not have same issue with browser. Browser is able to identify url with machine name. This issue is only when I am trying to consume any endpoint running on different microservice on same machine through Java code or Postman
For Example, If I am consuming some endpoint in Java.
restTemplate.getForEntity("http://localhost:8761/actuator/beans", Object.class).getBody()
//Working fine
restTemplate.getForEntity("http://my_machine_name:8761/actuator/beans", Object.class).getBody()
//Access denied
or through Postman
http://my_machine_name:8761/actuator/beans
Error: connect EACCES 192.xxx.x.x:8761
Mainly I am using Discovery Client to identity the machine name and port so that I need not to hard code localhost in the url. I am using FeignClient for loadbalancer but looks like restTemplate is also giving same error.

I have fixed above error. If you connect your machine with VPN, it change your network. So you need to find which ip address is getting used in your machine. Try ipconfig in command prompt to find the ip address in Windows.
If you give your machine name instead of above IP address then it will not be able to find your machine as your machine name is not available in your network (because of VPN connection).
machine.ip.address=XX.66.223.XXX
eureka.client.service-url.default-zone=http://${machine.ip.address}:8761/eureka
eureka.instance.hostname=${machine.ip.address}
Provide your network ip address in your URL instead of machine name to make it work.

Related

arangosh cannot connect to endpoint when endpoint is 0.0.0.0

I have arangodb running on a centos root server, initially with default endpoint 127.0.0.1:8529. With this initial setup, I can easily connect via arangosh (running on the same server).
In order to access my arangodb as a web service from anywhere, I changed arangod.conf to endpoint 0.0.0.0:8425 and the arangosh.conf endpoint accordingly. From then on, I can access the web interface from anywhere without a problem but arangosh unfortunately refuses to connect on the server itself. The error message simply states "cannot connect".
How can I get the shell working again?
0.0.0.0 is not a valid IP address you could connect to from the ArangoShell. However, in IPv4 this address has some other implicit meanings, and on the server side (arangod) it is used to bind to "any IPv4 address at all". Note that this is on the ArangoDB database side, not the client side.
That means you can use this special address on the server, but not when connecting from the ArangoShell. In the ArangoShell, you will have to specify the server's IP address (as exposed to the clients).

DNS resolution fails in web browser but nslookup succeeds

We are a small, 300-seat organization with a mixed BYOD and Active Directory environment (Windows Server 2012 Standard, Windows 7 Enterprise) and we are having a very strange problem involving very specific-scope failures to resolve our organization's domain name on our domain-joined, company-controlled machines. For the purpose of this discussion, I'll use company.com instead of our domain name.
Background:
Active Directory Domain Controller is located at 172.16.1.3
The AD/DC machine is also running DHCP, DNS, and HTTP (IIS)
Our organizations websites at company.com and subdomain.company.com are hosted by IIS on the AD/DC machine
We have a split-DNS scenario in which the AD/DC server is used for internal DNS resolution but a different, off-site server provides DNS resolution for public queries
The IP address corresponding to company.com and subdomain.company.com is the public IP address used by a firewall at the edge of our network (both on the AD/DC DNS server and the off-site DNS server)
The firewall is correctly configured for NAT to pass HTTP and HTTPS requests it receives on its public IP address to the internal IP of the AD/DC server and reflects
Scenario 1:
A user on a domain-joined Windows 7 Enterprise machine is connected directly to our local network with local address 172.16.6.100 /16, issued by the DHCP server.
The DNS server entry is provided by DHCP (172.16.1.3)
This user is able to access the websites hosted at company.com and subdomain.company.com
Edit: nslookup has been run in this scenario and correctly returns the proper DNS record from the internal DNS server (172.16.1.3)
Scenario 2:
The same user on the same domain-joined Windows 7 Enterprise machine goes home and connects to the Internet using their residential ISP
The IP and DNS server entries for the client machine are provided by DHCP
This user can access any internet resources, such as google.com
This user cannot access the website at company.com or subdomain.company.com (a "host not resolved" error is returned)
When this user runs nslookup on company.com they DO receive the correct public IP address provided by DNS
HTTP/HTTPS requests to the IP address succeed and a webpage is returned properly by the server
This issue prevails across all web browsers
Using tracert company.com returns "unable to resolve target system name"
Using ping company.com returns "could not find host company.com"
When running Wireshark on the client before/during a failed request, no packets are sent by the client machine (either for DNS resolution or for an initial HTTP/ping/tracert request)
Restarting the DNS Client service does not resolve the problem
Stopping the DNS Client service does not resolve the problem
Using ipconfig /flushdns does not resolve this issue
Using route /f does not resolve this issue
Resetting the network connections using netsh int ip reset does not resolve this issue
Edit: nslookup has been run in this scenario and correctly returns the proper DNS record from the DNS server specified by the DHCP settings of the network used by the user
Scenario 3:
This same user on a personal (not domain-joined) Windows 7 Professional computer is able to access the websites at company.com and subdomain.company.com when connected to our local network
Edit: nslookup has been run in this scenario and correctly returns the proper DNS record from the internal DNS server (172.16.1.3)
Scenario 4:
This same user on a personal (not domain-joined) Windows 7 Professional computer is able to access the websites at company.com and subdomain.company.com when connected their home network
Edit: nslookup has been run in this scenario and correctly returns the proper DNS record from the DNS server specified by the DHCP settings of the network used by the user
Final Notes:
This issue seems to be generalized to affect all company-owned computers. We are using a common system image for all company-owned computers, which was just loaded in August. I have been scouring the internet in search of possible solutions and have come up empty handed so far -- I really appreciate any suggestions or advice you may have.
This is quite an interesting scenario. Looking at your scenario 3, user with personal computer can access the services but why is the DNS entry coming from your corporate IP and not users home DNS. Is the machine on company network?
Verify this:
When user tries to access service from home on company computer, is the IP details from home internet router or company network via VPN?

setting up home ftp server using filezilla

I googled, followed all the instructions but still stuck, and unable to create a home ftp server.
My internet is from dsl modem -> vonage router -> wifi router
FileZilla server ip is 127.0.0.1 and it works fine when tried from command prompt. But I need it to be accessible from outside.
I enabled ftp on wifi router's web settings page using virtual server setting.
I am stuck at this point, I don't know what else to do further. Any help is greatly appreciated.
Also, if you are planning on accessing your server remotely, (not in your network) you will have to enable port forwarding on your router. (Use the ip address of the machine running the server and use port 21) Otherwise, you only be able to connect while in your LAN.
This pretty much summarizes your needs(via lifehacker.com)
If you're FTP'ing across your home
network (like from your upstairs PC to
your bedroom PC), you can reach the
server by using its internal network
address (most likely something like
192.168.xx.xx.) From the command line, type ipconfig to see what that address
is. If you want to log into your FTP
server over the internet, set up a
memorable URL for it and allow
connections from outside your network.
To do so, check out how to assign a
domain name to your home server and
how to access your home server behind
a router and firewall.
Original Article
How to assign a domain name to your home server
How to access a server behind a router and firewall
You need to be able to access your internal network from the internet. Consider using a service like dynDNS if your router supports it.

Red5 Problem with connecting from remote client

So I have this issue. The issue is I am unable to connect to my red5 server from a remote client. I also have not found any tutorials on how to install red5 so that remote clients can connect to it. However, here is what I have done...
Inside My MXML Flex File I try to connect to the computers IP that the server is running on(My Server is running from within Eclipse). The line for connecting looks like this netConnection.connect(rtmp://192.168.2.12/myApp, true);
All that happens is after a lot of minutes go by, I just get NetConnection.Connect.Failed and there is no log being output by Eclipse. Almost like it never even registers the connection that the remote client is trying to make.
The other interesting thing is that I am ABLE to connect to my Red5 Server using a different computer within my local home network just fine. But only when it is remote I am unable to connect.
I have changed my Red5-web.properties file and added this...
webapp.contextPath=/myApp
webapp.virtualHosts=*, 127.0.0.1, localhost, 192.168.2.14, 174.122.104.3
The 174 one is my website where the Flex Swf Resides on.
I think maybe somehow my computer is not setup or configured to allow these remote connections and is rejecting them or something, I'm not quite sure why a remote client can't connect. Does anyone have any idas?
Your help is greatly appreciated.
You may uninstall the red5 and reinstall it.
When it ask you the server ip address type your server's LAN adress (192.168.2.* or 10.0.0.* whatever). This solved my problem.
In my opinion, if you have at least one domain name that you own, the best way for you to go is to set up an Apache Http Server to your server machine, and create subdomains for both red5, rtmp and rtmpt. Make the Apache handle your incoming requests, and decide their correct routing there.
In case you don't own a domain, or the previous way is too time-taking to set up and get it work, you should just make sure that the ip address you're trying to connect to is not an internal IP.
In your example above you are trying to connect from the client to a 192.168... address. If you try to connect to it from within your LAN, it works, since that ip there is registered to your machine.
But when you take your notebook to your neighbor, and using his internet connection to access your site and connect to red5, the client (flex application) will also try to connect to that 192.168..., and your neighbor's router has no idea about your LAN, probably it doesn't have such an internal IP address either, but SURELY cannot connect to your server.
So instead of using 192.168... in your connection string, you should try using your external IP address (the 174... one):
netConnection.connect("rtmp://174.122.104.3/myApp", true);
This will work always, as far as you have a static IP address.
Also make sure, that your red5 server is accessible over the 80 port, or if it's not, specify the correct port number there.
For that you can do following thing...
These steps I took and it's solved my problem...
1.During the installation, you must have given ip 127.0.0.1 (localhost) and port :5080
2.firstly open the port (5080 and 1935) on firewall.
Visit http://windows.microsoft.com/en-in/windows/open-port-windows-firewall#1TC=windows-7
3.Now to go red5->conf->red5.properties and open this file in notepad++. (or any other editor)
4.repalce http.host and rtmp.host ip with your ip address (ipv4)
5.start the red5 service.
6.Now check http://yourip:5080
It will start working, and you can access it from other system also (in the same network Obviously )

Resolve host name to an ip address

I developed a client/server simulation application. I deployed client and server on two different Windows XP machines. Somehow, the client is not able to send requests to the server.
I tried below options:
Pinged server machine successfully from client using ip-address.
Pinged client machine successfully from server using ip-address.
Checked netstat command line tool from both machines. Server is in LISTENING mode and client is in SYS_SENT mode. But the foreign address it is using to send is host name not the ip address.
Pinged server machine unsuccessfully using host name from client.
Pinged client machine successfully using host name from server.
I feel the problem is when the client is trying to connect to the server using the host name.
Could you please let me know how to force an application to use an ip address instead of a host name? Is there any other way to map the host name to an ip address?
Go to your client machine and type in:
nslookup server.company.com
substituting the real host name of your server for server.company.com, of course.
That should tell you which DNS server your client is using (if any) and what it thinks the problem is with the name.
To force an application to use an IP address, generally you just configure it to use the IP address instead of a host name. If the host name is hard-coded, or the application insists on using a host name in preference to an IP address (as one of your other comments seems to indicate), then you're probably out of luck there.
However, you can change the way that most machine resolve the host names, such as with /etc/resolv.conf and /etc/hosts on UNIXy systems and a local hosts file on Windows-y systems.
Try tracert to resolve the hostname. IE you have Ip address 8.8.8.8 so you would use; tracert 8.8.8.8
You could use a C function getaddrinfo() to get the numerical address - both ipv4 and ipv6.
See the example code here
This is hard to answer without more detail about the network architecture. Some things to investigate are:
Is it possible that client and/or server is behind a NAT device, a firewall, or similar?
Is any of the IP addresses involved a "local" address, like 192.168.x.y or 10.x.y.z?
What are the host names, are they "real" DNS:able names or something more local and/or Windows-specific?
How does the client look up the server? There must be a place in code or config data that holds the host name, simply try using the IP there instead if you want to avoid the lookup.
Windows XP has the Windows Firewall which can interfere with network traffic if not configured properly. You can turn off the Windows Firewall, if you have administrator privileges, by accessing the Windows Firewall applet through the Control Panel. If your application works with the Windows Firewall turned off then the problem is probably due to the settings of the firewall.
We have an application which runs on multiple PCs communicating using UDP/IP and we have been doing experiments so that the application can run on a PC with a user who does not have administrator privileges. In order for our application to communicate between multiple PCs we have had to use an administrator account to modify the Windows Firewall settings.
In our application, one PC is designated as the server and the others are clients in a server/client group and there may be several groups on the same subnet.
The first change was to use the functionality of the Exceptions tab of the Windows Firewall applet to create an exception for the port that we use for communication.
We are using host name lookup so that the clients can locate their assigned server by using the computer name which is composed of a mnemonic prefix with a dash followed by an assigned terminal number (for instance SERVER100-1). This allows several servers with their assigned clients to coexist on the same subnet. The client uses its prefix to generate the computer name for the assigned server and to then use host name lookup to discover the IP address of the assigned server.
What we found is that the host name lookup using the computer name (assigned through the Computer Name tab of the System Properties dialog) would not work unless the server PC's Windows Firewall had the File and Printer Sharing Service port enabled.
So we had to make two changes: (1) setup an exception for the port we used for communication and (2) enable File and Printer Service in the Exceptions tab to allow for the host name lookup.
** EDIT **
You may also find this Microsoft Knowledge Base article on helpful on Windows XP networking.
And see this article on NETBIOS name resolution in Windows.

Resources