Can't connect to MongoDB instance running on remote azure windows machine - windows

I'm having trouble connecting to a mongo instance running on a windows azure vm running Windows Server 2012 R2. I've verified the following things
The network security group has rule allowing port 27017 inbound (* -> 27017)
The VM has TCP port 27017 inbound open on all profiles (currently, my firewall is completely disabled)
Mongo is running as a windows service. I've verified it is up and running. I was able to connect, insert, and find records in the shell on the remote vm that's running Mongo
When I run netstat -a, I can see 0.0.0.0:27017 with the status "LISTENING"
If I try to ping the VM, it times out (I believe this is expected)
Port 22 is open in the firewall and in the network security group rules
I am not running any 3rd party anti-virus software on my local machine
I tried restarting the VM both from the OS and from azure portal
I tried removing the rules from network security group and readding them
I've tried connection via SSH in bash on my local machine running windows 10 using the most basic command mongo <ip-address>. It times out with the message ssh: connect to host x.x.x.x port 22: Resource temporarily unavailable
I've tried connection via Putty/SSH. Same result
I've tried connection via MongoDB Compass which gives a similar error Could not connect to MongoDB on the provided host and port
any ideas?
Here's the config I'm using
systemLog:
logAppend: true
verbosity: 0
traceAllExceptions: true
path: c:\MongoLogs\mongolog.log
destination: file
net:
port: 27017
bindIp: [127.0.0.1, <external-ip>]
http:
enabled: true
JSONPEnabled: false
RESTInterfaceEnabled: true
storage:
dbPath: c:\MongoData\

As it turns out, the VM had multiple network security group profiles attached to it. When I click "Effective security rules" it showed a second tab that had another profile that appears to have been inherited from the subnet -- sufficed to say, it did not have the permissions that are needed. By opening the correct ports on that profile as well, connections we then going through just fine. We're gonna clean that up, but in short, there was a conflict of permissions.

Related

How do I enable remote access/request to Elastic APM-server?

I have setup of Elastic with APM server on single machine. I've configured APM java agent to push traces to APM server on localhost. Everything works fine with localhost configuration on Windows.
Now, I'm looking to run apm java agent for application running on different machine on the same network. That is apm java agent on linux & apm server running on windows machine.
Default APM-server listen to localhost. I tried to change setting on apm-server.yml file with -
apm-server:
# Defines the host and port the server is listening on. use "unix:/path/to.sock" to listen on a unix domain socket.
host: "hot-ip:8200"
default is:
host:"localhost:8200".
After making apm-server.yml change, process explorer show apm-server.exe process listening to IP- host-ip port- 8200 protocol- TCP.
But, still http://host-ip:8200 is not accessible from other machine on network. While on the same machine (windows) http://localhost:8200 & http://host-ip:8200 works fine & give below response.
{
build_date: "2019-05-23T12:58:36Z",
build_sha: "410bf33fa1b67fa5bd02a388de17d0e30ec031da",
version: "7.1.1",
}
Thanks for help.
To listen on 0.0.0.0 try:
host: ":8200"
Is a firewall blocking the traffic (like Window's built-in one)?
10.9.21.91 is the IP that hosts are trying to reach? Just to be sure you could bind to host: "0.0.0.0:8200", which would cover all possible interfaces.
Replace "localhost:8200" with "0.0.0.0:8200" in apm-server.yml

Unable to connect to host on different system from mongo shell in windows

I am trying to connect to mongodb from my system to different system but i am getting following error-
MongoDB shell version v3.4.5
connecting to: mongodb://192.168.0.152:27017/
2017-06-23T18:06:50.643+0530 W NETWORK [thread1] Failed to connect to 192.168.0.108:27017 after 5000ms milliseconds, giving up.
2017-06-23T18:06:50.644+0530 E QUERY [thread1]
Error: couldn't connect to server 192.168.0.152:27017, connection attempt failed :
connect#src/mongo/shell/mongo.js:237:13
#(connect):1:6
exception: connect failed
I tried various solutions listed on stackoverflow but didn't find any solution yet.
Can somebody please help me out?
getaddrinfo() resolves domain names through the DNS protocol (which is not related the Netbios Naming System - reason why writing a Windows PC Name is usually a bad idea). Depending of the underlying implementation of the function it might or might not be able to resolve Netbios Names.
Usually using a Netbios computer name is a bad idea, you should rely on a proper DNS architecture.
If you have the exact same error with a mongodb:// URL using solely an IP address, it's weird... Please provide more details on the IP address try case.
Also ensure that the server is not firewalled. Try a netcat connection using netcat for windows:
nc IP 27017 -vv
should say 'Connected'
Netcat for Windows: https://eternallybored.org/misc/netcat/
To be able to connect to mongodb server hosted in another machine, you should be sure that your mongodb server allows connections from addresses other than 127.0.0.1
In the mongod.conf there should be some network interfaces configuration:
# network interfaces
net:
port: 27017
bindIp: 127.0.0.1
To allow any machine to connect to your server the bindIp should be set to: 0.0.0.0

How to properly configure a FTPconnection with Windows Azure Server.?

I'm new to Windows Azure Server configurations, and I'm trying to configure the FTP Connection. But when I access the Server with FileZilla it doesn't work. What am I doing wrong here?
I'm using IIS with FTP Server Roles installed.
Following is the error log from FileZilla
Status: Resolving address of AZR-SRV-map01.cloudapp.net
Status: Connecting to 52.187.64.207:990...
Status: Connection established, initializing TLS...
Status: Verifying certificate...
Status: TLS connection established, waiting for welcome message...
Status: Logged in
Status: Retrieving directory listing...
Command: PWD
Response: 257 "/" is current directory.
Command: TYPE I
Response: 200 Type set to I.
Command: PASV
Response: 227 Entering Passive Mode (52,187,64,207,195,237).
Command: LIST
Response: 150 Opening BINARY mode data connection.
Error: Connection timed out after 20 seconds of inactivity
Error: Failed to retrieve directory listing
Status: Disconnected from server
I also tried the following steps in configuring the FTP Connection...
Here the endpoints have being configured from the Azure Portal.
This is how I published the FTP Site
Configured the FTP Firewall Support with the Azure Server Public IP
And enabled the firewall outbound and inbound rules..
After completing all the steps, I restarted the Microsoft FTP Service, but the problem still exists.
For now, we can't configure a active mode FTP on Azure VM. we should configure data channel port range in FTP Firewall Support, FTP work in passive mode. For example, we can use 10000-10010 ports as the data channel port range. Also, we should add ports to VM's endpoints and add then to VM's firewall inbound rules.
By the way, although the windows firewall seems to allow all traffic that’s required, we also need to enable stateful FTP filtering on the firewall:
netsh advfirewall set global StatefulFtp enable
Then restart the FTP windows service and we should be up and running:
net stop ftpsvc
net start ftpsvc
Here a case similar as you, please refer to it.

Not able to CHEF bootstrap a windows EC2 instance, Winrm error

I am using CHEF 12 and trying to bootstrap an EC2 instance (Win server 2012 R2) from my workstation. However, I am getting the below error.
> Waiting for remote response before
> bootstrap.....................ERROR: No response received from remote
> node after 2.08 minutes, giving up. ERROR: Network Error: No
> connection could be made because the target machine actively refused
> it. - connect(2) (http://52.76.1.57:5985) Check your knife
> configuration and network settings
I have two CHEF servers (Hosted as well as on-premises); I have tried bootstraping the EC2 instance using each of these, but get the same result.
Chef bootstrap command issued via power-shell:
PS ~\chef-repo> knife bootstrap windows winrm 52.76.1.57 --winrm-user Administrator --winrm-password '******' --node-name node_145 --run-list 'recipe[ie::esc],recipe[install_iis]'
As far as I researched, it is because I am not able to establish a WINRM connection from my workstation to the Ec2 instance. I am however able to connect to another Win 2012 server within my office network and bootstrap successfully.
have already logged in remotely to the EC2 instance and run winrm quickconfig from powershell.
have set the Administrator password to a desired one.
Have opened inbound firewall rule for WIndows remote management on ports 5985 and 5986
Set up setcurity group and allowed inbound Custom TCP rule for ports 5985 and 5986 on AWS
you took all the necessary steps for this, would it be possible that you are getting filtered by a firewall (e.g company firewall)?
fyi, I managed to bootstrap a machine with the following steps:
# configure winrm for using knife winrm
winrm set winrm/config/service/auth '#{Basic="true"}'
winrm set winrm/config/service '#{AllowUnencrypted="true"}'
set-item WSMan:\localhost\Client\allowunencrypted $true
#turn off firewall
Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled False
EDIT: to sum up below comments, the problem was the company firewall that was blocking the traffic
Windows 2012 R2 introcuced changes within WinRM security, which rendered some of old articles / readme examples explaining usage of knife-ec and knife-windows unusable.
This article http://blog.coderinserepeat.com/2015/07/15/chef-knife-ec2-and-knife-windows/ pretty much sums up how to deal with this in recent versions of knife plugins.

"network error: connection refused", putty error

I am trying to run putty on Windows 7.
I need to run some SSH commands to upgrade Magento. Every time putty gives me this fatal error:
network error: connection refused
I have even tried to use it through winSCP. Note that putty is running fine on my client's side, but for me it's giving me that error every time.
I tried using port 22, 23 and a few others without success. I have also tried with Windows Firewall both enabled and disabled.
Thank you.
Install open-ssh or ssh in target Linux machine solved my problem .
Use below commands:
sudo apt install ssh
sudo systemctl status ssh
sudo systemctl enable ssh
The following are the list of possibilities of this error:
1) Common cause is - Your IP is blocked or not whitelisted in the server which can be done by editing the file at /etc/csf/csf.conf
2) Disable the windows firewall settings and check..
The above two things should work in most of the cases
3) This is very unusual and when the above two options fails it is very difficult to find the solution
In this case the traceroute to the server host or IP works usually but putty fails
port 22 looks normal and working but connection fails and restarting SSH (service ssh restart) also does not work
reboot or restart the server but still fails
Adding IP in firewalls or whitelisting the local IP may not workout
This case generally happens when the server is migrated or new server. IP of the old server might be whitelisted locally, but don't have port 22 open, or some other local filtering is occurring for this new IP but not the old server IP..
In this case you need to change the port to some 522 or 530 some unusual port will help in sorting it out.. The same port you have to use for the SFTP connection also .. where as FTP connections works normally..
or you have to whitelist the IP locally or open the TCP in and out to port 22 if you want to use the port 22..

Resources