I have an EC2 instance running a Go server on port 8090.
In my EC2 instance, I added a security group which accepts inbound requests from all protocols and all ports.
I created a new user on AWS, and added the Access Key and Secret Key (under Auth) of that user while making a new request through Postman.
I then tried to make a request, but the request always times out.
How can I connect to EC2 server through Postman? Am I doing something wrong?
Response:
If you created the ec2 server under the default subnet zone, then its not subnet connectivity issue.
you need to check the following
is your go server listing to all addresses or just local address
you can use the following command
netstat -anlp | grep 8090
if you see 0.0.0.0 then you're good otherwise you need to change the listener
check if your OS has a firewall, if you use centos for example:
https://linuxize.com/post/how-to-stop-and-disable-firewalld-on-centos-7/
Related
I just launched a instance on AWS and I'm trying to open the website. So I copy the Public IPv4 address and paste it on my page. But it always returns This site can’t be reached 35.78.183.239 took too long to respond.
I've changed my firewall setting to access google chrome and set security groups HTTP, HTTPS. I can't figure out where the problem is. Any suggestions?
You didn't specify what webserver or AMI is on your EC2 instance.
You need to setup an AMI or manually install and setup a webserver for anything to show, otherwise the EC2 instance, while reachable, will not respond.
Make sure that ssh access is enabled and try ssh into the machine. If you can successfully login, then you know the instance is reachable and the problem is with your webserver software. This will help you debug.
What port is your application running on? When you enable HTTP and HTTPS it only allows ports 80 and 443 on the security group. This won't help if your application runs on a different port, so you'll need to add that to your security group to allow inbound traffic.
I have my ec2 instance running a docker image and id like to test the functionality of my routes with postman, however whenever I ping the ec2 public dns, it says connection refused. I have the security group opened up for all traffic from my machine and am running the postman desktop app. The example route I'm trying to hit is
https://{IP address here}.compute-1.amazonaws.com:6000/register
and I'm sending a post request with some json in it. All of this works fine on my local machine. Please tell me what I'm missing?
You can't use https:. Instead you must use http: as default EC2 instance url does not support HTTPS. For valid https, the easiest way is to setup ALB or set it up on an instance directly.
I have configured a Hashicorp Vault server on a EC2 instance. When trying to use postman to test transit secret engine API I keep getting a error connection refused on postman, I went full ape mode and opened all ports on the security group inbound rule and it didn't work, I attached an elastic IP to the instance and didnt work either, im just trying with a simple GET and I just keep getting the same connectionrefused error.
When I use cUrl on the ssh connected session i have no issues though. The specified hosted adress is 127.0.0.1:8200, in postman I replaced that localhost with the public adress of the instance that i obviously censored in the screencap, in the headers theres the token needed to access vault, for simplicity I was just using the root token.
Postman screecap if it helps
#Emilio Marchant
I have faced similar issue (not with postman, but with telnet), Let's try to understand problem here.
The issue is with 127.0.0.1 IP. This is loopback IP and When you (or your computer) call an IP address, you are usually trying to contact another computer on the internet. However, if you call the IP address 127.0.0.1 then you are communicating with the localhost – in principle, with your own computer.
Reference link : https://www.ionos.com/digitalguide/server/know-how/localhost/
What you can try is below.
Start vault dev server with --dev-listen-address parameter.
Eg:
vault server -dev -dev-listen-address="123.456.789.1:8200"
in above command replace '123.456.789.1:8200' with '<your ec2 instance private IP : 8200'>
Next set VAULT_ADDR and VAULT_TOKEN parameter as below
export VAULT_ADDR='http://123.456.789.1:8200'
export VAULT_TOKEN='*****************'
Again replace 'http://123.456.789.1:8200' with 'http://[Your ec2 instance private IP]:8200'
For Vault_token : you should get a root token in console, when you start vault server , use that token
Now try to connect from postman or using curl command. It should work.
Reference question and solution :
How to connect to remote hashicorp vault server
The notable thing here is that the response is "connection refused". This error means that the connection is getting established and it found that there are no processes running on that port. This error means that there is no issue with firewall. A firewall will cause the connection to either drop (reject) or timeout (ignore), but won't give "Econnrefused".
The most likely issue is that the vault server process is not bound to the correct network interface. There must be a configuration in hashicorp-vault to setup the IP on which to bind. Most servers, by default, bind only on loopback address which is accessible only from 127.0.0.1. You need to bind it to "all" network interfaces by changing that to 0.0.0.0. I am not aware of the specific configuration option of hashicorp vault, but there has to be something to this effect.
Possible security issue:
Note that some servers expect you to run it behind a reverse proxy so that you can setup SSL (https) and other authentication if needed. Applications like vault servers should not be publicly accessible on http without SSL.
I have a compiled Go project that I want to deploy to an AWS EC2 instance. I just simply upload the application and run ./application on the remote server.
In the terminal, the application is running and says he's listening to localhost:3000.
I've already added the 3000 port to the security group.
However, when I tried to access it in my browser using <public-ip>:3000, it always shows connection refused, whether I've run the application or not.
I tried to run the app locally, it does work.
So is it because I deploy it incorrectly?
It is a bit difficult to help you because of no code being shared.
Some reasons why you got connection refused:
Your application is listening only localhost:3000
EC2 security group does not expose port 3000
How to fix:
Most applications are defining the host address on a config file or env variables. If you have access to change it, change it from localhost:3000 to 0.0.0.0:3000 to accepts connection from all IP or to your_ec2_public_ip:3000
If host address is hardcoded and you have access to code, change the code per above
If you don't have access to config or code to change the host address, then add a reverse proxy to route the incoming call to localhost:3000. This is a good link about using Nginx as reverse proxy https://docs.nginx.com/nginx/admin-guide/web-server/reverse-proxy/
Ensure EC2 Security Group allowing inbound connection for the designated port, in this case, is 3000 if you manage to route the incoming to your_ip:3000
I have a AWS EC2 instance running and I am supposed to access the localhost URL of the instance. Whenever I try the localhost:port/index.html URL I get a server not responding error. I tried using the public IP of the instance instead, but that failed. I configured AWS by exposing the particular port number for the inbound traffic (IP : 0.0.0.0/0) that did not work either. How should I configure so that I can access the URL?
If a service is running at localhost:45984 on an EC2 instance, you cannot access that server from your browser on your local machine unless you employ port forwarding.
Here's a good article that explains the different concepts:
https://help.ubuntu.com/community/SSH/OpenSSH/PortForwarding
I believe what you want is local port forwarding, where you set up a tunnel so that you can access "localhost:45984" on your EC2 instance from some port you specify on your Mac.