I'm trying to connect to a Redshift instance. If I use psycopg2 to test the connection and grab a simple query, I get a:
psycopg2.OperationalError: could not connect to server: Operation timed ouT
Is the server running on host "THE_HOST" (10.0.21.77) and accepting
TCP/IP connections on port 5432?
I have no idea how to diagnose this. My router is set to 192.168.0.1 rather than the 10.0.0.1 config. I'm not sure what I need to pass to make this happen...
Edits: I'm connecting through a VPN. I know the redshift cluster accepts incoming connections over this VPN. I can also connect to the cluster through pgAdminIII or SQLWorkbench
Related
Giving context: I have a FTP server running in IIS in a WS2019 EC2 instance in VPC A that needs to be accessed by VPCs B and C. While the last one is in GCP, A and B are in AWS.
VPCs A and B have a peering connection.
VPCs B and C are connected through a VPN.
VPC C doesn't exchange data with A, except for this FTP server; therefore, sustaining a VPN is expensive for what I need.
I followed this guideline to build the NLB in VPC A, then attached it to a VPC endpoint in VPC B.
How to run an FTPS server behind the AWS Network Load Balancer | by Michael Kirk | Medium
When I test the TCP connection, it works just fine
PS C:\Users\johndoe> Test-NetConnection -ComputerName vpce-0948b61f1f991b98b-1w539hu9.vpce-svc-0ed1458eb15584b09.us-east-1.vpce.amazonaws.com -Port 21
ComputerName : vpce-0948b61f1f991b98b-1w539hu9.vpce-svc-0ed1458eb15584b09.us-east-1.vpce.amazonaws.com
RemoteAddress : 10.70.255.253
RemotePort : 21
InterfaceAlias : WAN
SourceAddress : 10.58.32.20
TcpTestSucceeded : True
But, when I try to connect through the FTP client, I receive the following error message:
Status: Resolving address of vpce-0948b61f1f991b98b-1w539hu9.vpce-svc-0ed1458eb15584b09.us-east-1.vpce.amazonaws.com
Status: Connecting to 10.70.255.253:21...
Status: Connection established, waiting for welcome message...
Status: Initializing TLS...
Status: TLS connection established.
Status: Logged in
Status: Retrieving directory listing...
Command: PWD
Response: 257 "/" is current directory.
Command: TYPE I
Response: 200 Type set to I.
Command: PASV
Response: 227 Entering Passive Mode (10,74,163,58,43,209).
Command: LIST
Response: 150 Opening BINARY mode data connection.
Error: Connection timed out after 20 seconds of inactivity
Error: Failed to retrieve directory listing
Does it make a difference if my passive mode answers with the public or the private IP address? I've checked all the security groups and route tables...
Can someone help me figure out what's going on, please?
You need to understand FTP Passive Mode. The FTP client is connecting to the FTP server at 10.70.255.253:21. The FTP Server is setting up an IP/Port for the LIST command 10.74.163.43:209 and waiting.
The FTP Client is supposed to connect to that IP:PORT. It is not initiating a connection and the FTP server times out after 20 seconds.
Notice the address that the FTP Client is connecting for the command connection (10.70.255.253) to is not the same address (10.74.163.43) the server thinks it should reply with for data transfer commands. You have a configuration problem with the FTP server.
Note: Since the FTP Client is connecting to the FTP Server for data transfer commands on a different port than 21, you must also allow those ingress ports thru the firewall.
Note: Most FTP clients will not connect to a different IP address for security reasons.
I am trying to connect to AWS RDS database using pgAdmin4, I encounter and error:
Unable to connect to server:
could not connect to server: Connection timed out (0x0000274C/10060)
Is the server running on host "database-1.xxxx.eu-west-2.rds.amazonaws.com" (xx.xxx.xxx.xx) and accepting TCP/IP connections on port 5432?
I have tried to Allow Public Accessibility and InBound Rules from my IP. But I am still getting the error? What seems to be the issue?
I was facing the same error but for the MySQL database in rds. What I did was, I
went to http://checkip.amazonaws.com/ and checked the IP shown. I copied that IP and created a new security group by adding two rules, one is your standard all traffic rule, and the second is the one with custom IP which you just copied. Then went to rds and changed VPC security grp to both default and the one I just created. Do this and try to connect again. It worked for me
For a quick test, try opening your inbound rule like this. If it works, then you know the issue is your IP address in your inbound rule:
Once you set this- can you connect?
I am trying to explore a way to connect postgres 13 cloud sql instance with only private IP from my local windows machine ..
I am able to connect through a compute instance tied with the same subnet as a default GCP behavior..
I want it to be secure my cloud instance to be accessible only through a VPN setup.. I have a Open VPN CE installed and whitelisted the Open VPN ip in the GCP firewall rule. Still getting the error message.
psql: error: could not connect to server: Connection timed out
Is the server running on host "{ip_address}" and accepting
TCP/IP connections on port 5432?
There are methods though to connect via private IP having enabled cloud proxy. But is there a way that i can make it happen via other VPNs.?
When you receive this error most of the time it is due to not having
PostgreSQL configured to allow TCP/IP connections or at least no
connections from your particular workstation. Here is a list of
common causes to this problem:
a) postgresql.conf is not set up to allow TCP/IP connections.
You'll want to look at the listen_address configuration parameter.
b) postgresql.conf is not set up to allow connections on a
non-standard port number. To determine this look at the port
configuration option.
c) Authentication rules in PostgreSQL's access configuration file
(pg_hba.conf) are not set up to allow either your user or IP
address to connect to that database. See the
official-documentation for more information on setting up your
pg_hba.conf properly.
d) Ensure that there are no firewalls, such as iptables that are
keeping your local system from even establishing a connection to the
remote host. For common PostgreSQL problems and possible solutions,
check here.
You have to edit the postgresql.conf file and change the line
with 'listen_addresses'. This file you can find in the
/etc/postgresql/13/main directory. To connect PostgreSQL server from other computers, you have change this config line in this way:
listen_addresses = '*'
Then you have to edit the pg_hba.conf file, too. In this file you
have set, from which computers you can connect to this server and
what method of authentication you can use. Usually you will need
similar line:
host all all <IP address> md5
For detailed steps, you can check here.
Finally i had to set the cloud SQL proxy on a f1-micro VM instance having only private IP ..
Whitelisted the port 5432 on the firewall rule.
From table plus i use the private IP of the vm instance to connect to my cloud postgress instance.
Very well If somebody has other alternatives please do let me know.
I created a new Ubuntu T2 Micro instance on EC2.
Created a new Elastic IP and selected "EIP used in: VPC"
Associated the address to my new EC2 Ubuntu instance.
I now have a Private IP and a Public/Elastic IP. No Public DNS.
My security group has SSH port 22 and HTTP port 80 open.
I can connect to the instance just fine through SSH using the Public IP, but when I try to browse to the Public IP through the browser it says connection refused. I can't ping it either.
I'm out of ideas.
Amazon EC2 HTTP connection refused, but HTTP port is open
That's already proven by the fact that you got 'connection refused'. If the port wasn't open it would have been 'connect timeout'.
'Connection refused' means that the service you tried to connect to wasn't listening at that port. Possibly it isn't started at all, or even installed.
You need to install a web server on your machine, such as Apache or Nginx. This is not provided by default in EC2.
go to security groups --> edit inbound rules --> add rule (add a custom TCP port 8888 with 0.0.0.0/0 ).
There are two major things that can happen to your web server.
Connection refused :- Which means there is no service running (http/JBOSS/nginx) on your server which is available to accept connections on port specified (which is 80 in this case)
Connection timed out :- Would mean server is not able to process any incoming connection hitting it at port 80. Once you fix the security group and your NACL (if you don't have a default one), then you need to re-check to see if it's service which is giving out the error, not to forget that the error response will change.
I had to stop then start my ec2 database server running postgresql. Now after it is started, i get the following error message from my django web server
could not connect to server: Connection refused Is the server
running on host "54.235.119.193" and accepting TCP/IP connections on
port 5432?
However because I use elastic IPs and reassigned the same IP (54.235.119.193) I don't think that is the issue. I also am using the same security groups as before, which allow 5432.
I think the only thing that changes when you start/stop is the internal IP but I don't remember using that anywhere in configuration
Any Ideas?
Are you using iptables or selinux? These usually get in the way on restart if not configured properly.