I had been trying to establish a MongoDB database with an exposed REST API (through Crest, then Sleepy Mongoose), but neither of these had been working. I tried to do a minimal sanity test of "Can I connect to that AWS machine or not?", so here's what I tried:
1) I set up a new Amazon instance (Ubuntu 14.04), and I made sure that all incoming TCP connections were accepted.
2) I tried running sudo python -m SimpleHTTPServer 80.
3) This worked when logged into the machine and doing curl http://localhost:80/ and curl http://XX.XX.XX.XX:80/ (the machine's IP address substituted of course). However, on my local machine, the command just timed out.
I'm really looking forward to any guidance here, so I can hopefully go back to what I was originally doing (MongoDB, exposing a REST API, etc.). Really thankful for any suggestions since this has been driving me crazy!!
This is probably a security group issue.
When doing the curl http://XX.XX.XX.XX:80/ on the machine itself, did you try the internal ip (172.x.x.x / 10.x.x.x / 192.x.x.x) or the external ip?
Also, does the machine have an external ip assigned? (I'm guessing it does, otherwise ssh'ing to it would only be possible from another machine in the same subnet.)
Go to the AWS console, open the instance details and check the instance's security groups. Is port 80 open for the world (0.0.0.0/0) ?
Related
I am attempting to run RStudio on an AWS EC2 instance, but it keeps timing out. I am currently following the instructions in this post (https://aws.amazon.com/blogs/big-data/running-r-on-aws/).
From my research, I realize that this is most often a security group issue.
My instance has access to SSH port 22 and Custom TCP port 8787. I've been troubleshooting using this link (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/TroubleshootingInstancesConnecting.html#TroubleshootingInstancesConnectionTimeout).
I have tried using both default VPC and my own, both of which have the following subnet network ACL rules.
However, my public IPVv4 DNS (http://ec2-18-234-130-212.compute-1.amazonaws.com/) keeps timing out. I cannot access the login page.
A friend who set up their instance using the first link was successful, and as far as I can tell, I have done everything the same.
Any help is greatly appreciated!
Your RStudio works fine. In your URL you have to provide port number: 8787
http://ec2-18-234-130-212.compute-1.amazonaws.com:8787
As you wrote in the question, it seems you are using the link without the port number.
p.s.
As you've setup it currently, your traffic to RStudio goes unencrypted over HTTP. If you are not fine with that, a quick fix would be to use ssh tunnel from the instance to your local workstation. With this can close port 8787 as all traffic goes over port 22 and ssh.
Do you access the login page in web browser? If you doing that, you forgot to open port 80/443
I'd like to configure my coldfusion instance to connect to a MySQL database over SSH but I'm not really sure how.
Basically, I have an EC2 instance in the same region as an RDS instance for the purposes of a development environment. I want to hook into my Production RDS instance so that I can do some tests with production data for a specific feature I'm working on but it's turning out to be quite a bit of trouble since it's in a different region.
I'd rather not alter AWS in any way to achieve this. So far the only thing I could think to try was to SSH into my EC2 instance and setup a tunnel like this
ssh -i ./mykey.pem -N -L 3306:localhost:3306 username#host_ip
When I enter this command I don't see any output but I assume it is running, however when I try to access my EC2 instance via the web I see this error: Timed out trying to establish connection
Is there something wrong with my setup? I know I have the correct key, credentials, and host but I am a bit confused on the ports. I figured my coldfusion admin panel is looking on port 3306 and my database is served on port 3306 so 3306:localhost:3306 seems correct to me but obviously I am doing something wrong.
I am following the code labs https://www.spinnaker.io/guides/tutorials/codelabs/gce-source-to-prod/ but I am facing a problem in creating server group in STEP-1. (Deploy stage). The page is getting loaded for infinite time. I think I can say It is not going beyond that point. I am able to come up to this step only if I am using AZURE or any other local machines. If I use Google Cloud Instance to do SSH tunneling I am not even able to create a application. Can you please help me.
You might need to do some additional troubleshooting to determine where the problem is. For example, run netstat on the machine to see whether it's listening on port 9000. See if you can create a firewall rule allowing inbound traffic on that port and then try to connect directly without using the SSH tunnel.
I followed everything in exact same order as refered here :Amazon Set Up Documentation. I also read many SO answers but everyone suggested on checking the security group and route tables. I did everything none of them helped.
I have a USB Dongle which I use to surf internet. Its IP changes everytime I disconnect the dongle and reconnect it. But if I stay connected its IP remains same. So I did created a security group my_ip/32 and launched an ec2 instance. So without disconnecting my dongle i.e keeping my IP intact I tried to connect to the instance through SSH with simple
ssh -v -i my-key-pair.pem user#public_dns
command but with no luck.
But the funny thing is I can connect to the ec2 instance if I change my security group to 0.0.0.0/0 which is not suggested by amazon because of security issue.
Does anybody has faced the similar situation. Or Amazon did miss something in their documentation.
NOTE:
I also enable firewall in ubuntu for ssh as follows:
sudo ufw allow ssh/tcp
sudo ufw enable
Am I missing something??
When you google 'what is my ip' does it give you the result you expected for my_ip? Google will report back the IP the outside world sees you as.
I have a feeling you might be going through a NAT router which you're recieving DHCP from, as such you're dongles IP isn't even being seen by EC2 to match a security group.
I have set up a a micro EC2 instance on AWS. Currently, I am using the free tier in Oregon. There are two problems which I am facing.
When I try to SSH the instance using the public DNS, it says host does not exist but when I try conencting it using the public IP, it connects to it. What setting is needed to use the public DNS ?
I have opened the SSH client using the IP address. I want to set up my application which needs Node.js and MongoDB. I installed Node.js using this
Next I installed MongoDB using this
Then I connected to my instance using Filezilla and uploaded my code to it. I then start my node application which uses socket.io.
When I try to connect to socket.io server using web browser, I get a message which says connection refused "error 111". I have opened TCP port 80 in instance's security groups. In iptables, I have forwarded port 80 to 8080, but still it does not work. I have also checked that the firewall is disabled in ec2. Kindly help me to resolve this issue.
Did you check if all of the necessary ports are open on Amazon Security Policy?
What you can do is to allow all traffic on Amazon Security Policy for test and see if the connection goes well or not.
You might also check if you need access DB from outside. In that case, you also have to open the mongodb port and setup mongodb correctly as well.
Other tools that might useful to test firewall and connection issue will be tcpdump and syslog file
For the dns issue, did you try to nslookup on that name and see if the IP shown matches your server IP?
As Amazon gives a long DNS hostname for the server, I always use my own domain name. It's much easier.
example : ec2.domainname.com, which points to the Amazon IP address
Hope that help.
My problem is resolved now..
For the DNS issue, earlier I needed proxy to access internet, so I guess the DNS name was not getting resolved. When I tried using proxy free internet, I was able to ssh using public DNS.
And regarding connection to socket.io, I used port 8080 instead of 80 and used "sudo node main.js" to run my node file. Now I am able to connect to the socket.io server and MongoDB.
Another thing which I want to ask is that would running the node file with sudo rights create some security issue ?
Thanks for the answer! That also worked for me. I had the same problem trying to connect through sockets (http://myipaddress:3000) to a node.js server, i tried opening ports on the actual ec2 instance and disabling the firewall through SSH but nothing worked. Had to go to Security Groups on the ec2 console and open a new inbound tcp rule enabling that port