I installed memcached on AWS EC2 Ubuntu, and I can connect it by telnet in the server:
telnet localhost 11211
But how can I connect it from other machine? I know the interval ip is 172.31.17.208, but when I try to connect it from another EC2 by:
telnet 172.31.17.208 11211
the response is
Could not open connection to the host, on port 11211: connect failed.
You will need a Public IP/ Elastic IP if you want to access your Memcache from outside of the AWS.
Your internal IP will work within the VPC and not outside of your VPC. I am guessing the another instance that you are trying to access is not in the same VPC. Try pinging your Memcache server from another instance and check if it is resolved using internal IP.
Edit:
Apart from this, you might need to check your security group and make sure the ports are open for incoming connection.
Related
Can DBeaver create two SSH tunnels and then connect to a database?
I have successfully created one SSH tunnel but not two.
I am trying to connect to an AWS RDS database via Bastion host. Bastion host only allows SSH access from my corporate IP range.
This means that when I am in the office I can connect to the RDS from DBeaver just fine:
My computer is in the allowed IP range
DBeaver creates an SSH tunnel to a Bastion host in my VPC inside the AWS cloud
DBeaver connects to the RDS database
The issue arises when I work from home.
I would have to add "zero" step to have an allowed IP address for the Bastion host connection:
0) Connect to the machine inside the office
I have not yet managed to achieve this. Has anyone got an idea of how to do this?
Kudos to #erik258 for pointing me in the right direction.
I have created an SSH tunnel between an office machine and the Bastion host. When in the office machine, when I access http://localhost:<local_port> I am in effect communicating with the <RDS_endpoint> on port <remote_port>.
Steps:
Create an SSH tunnel from the office machine to the Bastion host. Source
$ ssh -L <local_port>:<RDS_endpoint>:<remote_port> -i <path_to_ssh_key> ec2-user#<Bastion_host public IP>
<local_port> - random port
<remote_port> - port RDS endpoint listens to (5432 for PostgreSQL)
<RDS_endpoint> - endpoint specified on the AWS RDS page
Create DBeaver connection. In the "SSH" section specify your office machine. In "Main" section, set "Host" as localhost, and "Port" as <local_port>.
I have my EC2 instance security group inbound rule to accept my ip as follows:
Outbound rule as follows:
I can connect to my instance using ssh and also ping my instance from my local machine without any issues.
When I have a server running on my EC2 instance on http protocol in port 9999 I am unable to access this site.
netstat -peanut gives me the following output on the server:
I am not sure why I am not able to access the http page locally? Should anything change in my inbound rule? I tested this on Amazon linux and ubuntu images. Nothing works.
Even though I have opened all ports on my security group aws seems to be allowing me to only access the common ports like 22, 80 and so on.
The only way I could finally access my remote server on port 9999 was by ssh tunneling:
ssh -TNL 9999:127.0.0.1:9999 <user>#<ip-address>
I'm trying to launch a socket server on Amazon EC2. It binds the socket to 0.0.0.0:5000 and then listens on this port, printing every incoming message
However, when I simply try to connect to ec2-18-x-x-x.us-east-2.compute.amazonaws.com:5000 via Chrome, it throws an error: ERR_CONNECTION_TIMED_OUT. Of course, when I try to connect to it with a client using socket.connect(), a client is also unable to set up a connection.
I've already added the port to the security group inbound rules like that:
netstat -a shows that this port is open:
I use the public DNS IPv4 address, that is stated in instance description.
As I've successfully launched the server and tested netstat, it's obvious I can connect to EC2 using RDP.
Guided by this troubleshooting manual, I've also checked the route table for subnet and ACL for subnet, but everything was OK.
What's the problem then?
netstat is simply showing that some process is listening on that port, not that the port is "open". You still need to open port 5000 in the Windows firewall.
I created a new Ubuntu T2 Micro instance on EC2.
Created a new Elastic IP and selected "EIP used in: VPC"
Associated the address to my new EC2 Ubuntu instance.
I now have a Private IP and a Public/Elastic IP. No Public DNS.
My security group has SSH port 22 and HTTP port 80 open.
I can connect to the instance just fine through SSH using the Public IP, but when I try to browse to the Public IP through the browser it says connection refused. I can't ping it either.
I'm out of ideas.
Amazon EC2 HTTP connection refused, but HTTP port is open
That's already proven by the fact that you got 'connection refused'. If the port wasn't open it would have been 'connect timeout'.
'Connection refused' means that the service you tried to connect to wasn't listening at that port. Possibly it isn't started at all, or even installed.
You need to install a web server on your machine, such as Apache or Nginx. This is not provided by default in EC2.
go to security groups --> edit inbound rules --> add rule (add a custom TCP port 8888 with 0.0.0.0/0 ).
There are two major things that can happen to your web server.
Connection refused :- Which means there is no service running (http/JBOSS/nginx) on your server which is available to accept connections on port specified (which is 80 in this case)
Connection timed out :- Would mean server is not able to process any incoming connection hitting it at port 80. Once you fix the security group and your NACL (if you don't have a default one), then you need to re-check to see if it's service which is giving out the error, not to forget that the error response will change.
I have set up a a micro EC2 instance on AWS. Currently, I am using the free tier in Oregon. There are two problems which I am facing.
When I try to SSH the instance using the public DNS, it says host does not exist but when I try conencting it using the public IP, it connects to it. What setting is needed to use the public DNS ?
I have opened the SSH client using the IP address. I want to set up my application which needs Node.js and MongoDB. I installed Node.js using this
Next I installed MongoDB using this
Then I connected to my instance using Filezilla and uploaded my code to it. I then start my node application which uses socket.io.
When I try to connect to socket.io server using web browser, I get a message which says connection refused "error 111". I have opened TCP port 80 in instance's security groups. In iptables, I have forwarded port 80 to 8080, but still it does not work. I have also checked that the firewall is disabled in ec2. Kindly help me to resolve this issue.
Did you check if all of the necessary ports are open on Amazon Security Policy?
What you can do is to allow all traffic on Amazon Security Policy for test and see if the connection goes well or not.
You might also check if you need access DB from outside. In that case, you also have to open the mongodb port and setup mongodb correctly as well.
Other tools that might useful to test firewall and connection issue will be tcpdump and syslog file
For the dns issue, did you try to nslookup on that name and see if the IP shown matches your server IP?
As Amazon gives a long DNS hostname for the server, I always use my own domain name. It's much easier.
example : ec2.domainname.com, which points to the Amazon IP address
Hope that help.
My problem is resolved now..
For the DNS issue, earlier I needed proxy to access internet, so I guess the DNS name was not getting resolved. When I tried using proxy free internet, I was able to ssh using public DNS.
And regarding connection to socket.io, I used port 8080 instead of 80 and used "sudo node main.js" to run my node file. Now I am able to connect to the socket.io server and MongoDB.
Another thing which I want to ask is that would running the node file with sudo rights create some security issue ?
Thanks for the answer! That also worked for me. I had the same problem trying to connect through sockets (http://myipaddress:3000) to a node.js server, i tried opening ports on the actual ec2 instance and disabling the firewall through SSH but nothing worked. Had to go to Security Groups on the ec2 console and open a new inbound tcp rule enabling that port