I'm running an analytical application on an Azure VM and need to connect to a Redshift database.
Both of these softwares have complex company security policies that I've tried to unravel. All necessary ports are open, accepting incoming and outgoing. But when I try to connect to Redshift using the ODBC Administrator on the Azure, I get this error:
[Amazon][Amazon Redshift] (10) Error occurred while trying to connect: [SQLState HY000] fe_sendauth: no password supplied
I have supplied a password to the ODBC connection, why is this happening?
Also, when clearing IP addresses to connect to the Azure, which IP do I use for the Redshift? All the IPs associated with the compute nodes, or the IP that comes back when I check the IP address of the Redshift endpoint?
Thanks!
Related
I am trying to explore a way to connect postgres 13 cloud sql instance with only private IP from my local windows machine ..
I am able to connect through a compute instance tied with the same subnet as a default GCP behavior..
I want it to be secure my cloud instance to be accessible only through a VPN setup.. I have a Open VPN CE installed and whitelisted the Open VPN ip in the GCP firewall rule. Still getting the error message.
psql: error: could not connect to server: Connection timed out
Is the server running on host "{ip_address}" and accepting
TCP/IP connections on port 5432?
There are methods though to connect via private IP having enabled cloud proxy. But is there a way that i can make it happen via other VPNs.?
When you receive this error most of the time it is due to not having
PostgreSQL configured to allow TCP/IP connections or at least no
connections from your particular workstation. Here is a list of
common causes to this problem:
a) postgresql.conf is not set up to allow TCP/IP connections.
You'll want to look at the listen_address configuration parameter.
b) postgresql.conf is not set up to allow connections on a
non-standard port number. To determine this look at the port
configuration option.
c) Authentication rules in PostgreSQL's access configuration file
(pg_hba.conf) are not set up to allow either your user or IP
address to connect to that database. See the
official-documentation for more information on setting up your
pg_hba.conf properly.
d) Ensure that there are no firewalls, such as iptables that are
keeping your local system from even establishing a connection to the
remote host. For common PostgreSQL problems and possible solutions,
check here.
You have to edit the postgresql.conf file and change the line
with 'listen_addresses'. This file you can find in the
/etc/postgresql/13/main directory. To connect PostgreSQL server from other computers, you have change this config line in this way:
listen_addresses = '*'
Then you have to edit the pg_hba.conf file, too. In this file you
have set, from which computers you can connect to this server and
what method of authentication you can use. Usually you will need
similar line:
host all all <IP address> md5
For detailed steps, you can check here.
Finally i had to set the cloud SQL proxy on a f1-micro VM instance having only private IP ..
Whitelisted the port 5432 on the firewall rule.
From table plus i use the private IP of the vm instance to connect to my cloud postgress instance.
Very well If somebody has other alternatives please do let me know.
I created a new SQL Server Express with 'admin' username & password.
I added inbound rules in Security Groups to allow all traffic from my laptop's IP address & default gateway (Do I need to do both Ipv4 address & also the gateway for connectivity to go thru?)
When I tried to connect to the newly created SQL Server via SSMS using SQL Server authentication with username admin & password that I used while creating the Instance. The connection fails with the error message below. What am I doing wrong?
TITLE: Connect to Server
Cannot connect to sql-xxxxxxxxxxxxx.rds.amazonaws.com.
A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: Named Pipes Provider, error: 40 - Could not open a connection to SQL Server) (Microsoft SQL Server, Error: 53)
Check Public access for RDS Instance: You are trying to access the RDS instance from your laptop - means trying to access RDS from outside VPC that is hosting the instance. In that case you must enable public access to the RDS instance. This would assign a public IP. You can modify this feature after creating the RDS instance too.
Security Group rules: Port 1433 must be opened for the IP address you would like to access from - your home/work IP address. You can select 'My IP' on source when creating Security Group rules, this will set your IP automatically as source.
PS: Please make sure the subnet where RDS instance is hosted does not have any blocks at NACL level and subnet's route table has route to internet traffic, through Internet Gateway.
So basically - I've enabled RDS Proxy (still in Preview) for my Aurora MySQL DB and the Proxy is created and available for use.
The Proxy uses a DB User/Pwd combination sourced from Secrets
Manager to connect to the MySQL DB.
The Proxy can be accessed without Authentication (IAM role based
authentication is supported but I've not configured it yet).
When I connect to the proxy endpoint it fails with "Failed to Connect to MySQL" on my MySQL client and on the Cloudwatch logs for the Proxy I see the following 2 lines for each connection attempt..
[INFO] [clientConnection=3488645722] New client connection from 10.XX.XX.XX:63344
[INFO] [clientConnection=3488645722] Client connection closed. Reason: Internal error.
Cloudwatch Metrics just reports increase in ClientConnectionsReceived metric for each connection attempt and no change to the ClientConnectionsClosed metric.
So basically I am clueless as to why the client connection is getting closed.. Any hints/clues would be much appreciated..
Try one of those:
Ensure your user is created in the RDS Database. Test that you able to connect directly with that user.
Ensure RDS proxy security group is whitelisted in the RDS security group.
On the secrets manager ensure you've selected the right RDS database.
I'm getting an error in configuring a database connection in a Google Cloud Data Fusion Pipeline.
"Encountered SQL error while getting query schema: Communications link failure The last packet sent successfully to the server was 0 milliseconds ago. The driver has not received any packets from the server."
We can't connect outside of the company building as the company IP's are whitelisted in AWS security settings. I can query easily using mysql workbench inside the company so, I'm guessing I need to add some IPs to our AWS security groups to provide Data Fusion permissions? I can't find a guideline on this. Where can I find the ip's required to provide in AWS? (Assuming that might fix it)
I've added a mysql plugin artefact using 'mysql-connector-java-8.0.17.jar', which is referred to by plugin name 'mysql-connector-java'.
Do VPN between your GCP VPC and your AWS VPC where your RDS is residing
https://cloud.google.com/solutions/using-gcp-apis-from-an-external-network
https://cloud.google.com/solutions/automated-network-deployment-multicloud
Simple way
Create Haproxy with public IP
Data Fusion --> VM Haproxy Public IP --> AWS RDS Private IP
I have created a Database using SQL Server in Visual Studio. I have an Azure account where I want to store my datasabe. The problem is that I need to get the IP Address from the Azure account to write it in the code line.
This is the line I am refering to
(SQLDriverConnect(SQLConnectionHandle, NULL, (SQLCHAR*)"DRIVER=(SQL Server); SERVER=, ; DATABASE= projectBD; UID= myID; PWD= myPW", SQL_NTS, retConString, 1024, NULL, SQL_DRIVER_NOPROMPT))
In the SERVER part I need to write the IP of the server but I do not really know how to get it.
Help is much appreciated
By default, you use the DNS Name for the SQL Server to connect to. That's something like yourservername.database.windows.net.
For more information on Azure SQL connectivity, see Azure SQL Connectivity Architecture.
Taken from that article:
Connection Policy Proxy: all connections are proxied via the Azure SQL Database gateways. To enable connectivity, the client must have outbound firewall rules that allow only the Azure SQL Database gateway IP addresses (usually two IP addresses per region).
And
If you are connecting from outside Azure, your connections have a connection policy of Proxy by default. A policy of Proxy means that the TCP session is established via the Azure SQL Database gateway and all subsequent packets flow via the gateway.
The article also holds a list of all Azure SQL Database gateway IP addresses you could use to determine the IP address to use.