Cannot access remote application over my vpn - telnet

I am running a java application on a remote server that opens port 7462 for a telnet connection to issue simple commands. I have established a VPN connection (using openvpn) between my local machine and the remote server, but cannot telnet from my local machine to port 7462. The IP address of my vpn server is 10.8.0.1. I am also running postfix on my remote server and am able to telnet to port 25 without any issues. The following commands yield the below results:
On my local machine:
$ telnet 10.8.0.1 25
Trying 10.8.0.1...
Connected to 10.8.0.1.
Escape character is '^]'.
220 xxxxx.com ESMTP Postfix (Debian/GNU)
quit
221 2.0.0 Bye
Connection closed by foreign host.
$ telnet 10.8.0.1 7462
Trying 10.8.0.1...
Connected to 10.8.0.1.
Escape character is '^]'.
Connection closed by foreign host.
$
On the remote server:
$ netstat -plnt | grep -P "7462|25"
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN -
tcp 0 0 10.8.0.1:7462 0.0.0.0:* LISTEN 6463/java
tcp6 0 0 :::25 :::* LISTEN -
$ telnet 10.8.0.1 7462
Trying 10.8.0.1...
Connected to 10.8.0.1.
Escape character is '^]'.
exit
OK Goodbye
Connection closed by foreign host.
An iptables -L command on both the local and remote machine shows that I have no firewall rules established and I have not specifically configured any routes.
I can't figure out why I can connect to the remote server's port 25 from my local machine, but not port 7462. From the remote server though I can connect to port 7462 using the 10.8.0.1 IP address. I'd be happy to provide any additional information and thanks in advance for your help.
-Nathan

I figured out my problem. The application was limiting the IP addresses that could connect on the 7462 port and it was an (obscure) configuration item that needed to be set (default was just localhost). I feel a little silly for such a simple answer, but thanks for the suggestions!
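The symptom in the question (the TCP connection succeeds and is then closed at once) differs from a refusal or a timeout and points at the application, not the network. The following is an added example, not code from the original post: a constructed loopback service with a peer allowlist and a probe that classifies the outcomes; `serve_with_allowlist` and `probe` are hypothetical names.

```python
import socket
import threading

def serve_with_allowlist(allowed_peers, banner=b"OK ready\n"):
    """Constructed test service on an ephemeral loopback port.
    Peers outside allowed_peers are accepted by TCP, then closed at once."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)

    def loop():
        while True:
            try:
                conn, (peer_ip, _peer_port) = srv.accept()
            except OSError:
                return  # listening socket was closed
            with conn:
                if peer_ip in allowed_peers:
                    conn.sendall(banner)
                # otherwise the close itself is the only answer the peer gets

    threading.Thread(target=loop, daemon=True).start()
    return srv, srv.getsockname()[1]

def probe(host, port, timeout=2.0):
    """Classify what a telnet-style connection attempt would show."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return "refused: nothing is listening on that address and port"
    except socket.timeout:
        return "timeout: packets are dropped before they reach a listener"
    with sock:
        try:
            data = sock.recv(256)
        except socket.timeout:
            return "open: connected, service is waiting for input"
        except ConnectionResetError:
            data = b""
        if not data:
            return "closed-after-accept: the application rejected this peer"
        return "open: " + data.decode(errors="replace").strip()
```

A "closed-after-accept" result with an empty iptables ruleset, as in the question, is the cue to look at the service's own access-control settings.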

Related

Can not connect to tensorboard on my google compute engine

I am trying to connect to tensorboard on my google compute engine instance but it is not working.
I have an Anaconda distribution and use:
tensorboard --logdir=/logs
to create my tensorboard at default port 6006.
I also allowed HTTP/HTTPS traffic at my instance and also edited my firewall rules to allow traffic at:
IP ranges: 0.0.0.0/0
tcp:6006
udp:6006
But, when I try to access my tensorboard at
http://EXTERNAL_IP:6006
I get a timeout loading.
Can anybody help me?
Normally this type of configuration is related to port communication issues. Go ahead and get all the available ports with nmap, and you should see something like the following:
$ nmap -Pn [YOUR IP ADDRESS]
PORT STATE SERVICE
22/tcp open ssh
80/tcp closed http
443/tcp closed https
3389/tcp closed ms-wbt-server
Once you confirm whether the port "6006" is open, check if you can connect to your server with telnet:
$ telnet [YOUR IP ADDRESS] [YOUR PORT]
telnet: Unable to connect to remote host: Connection refused
If you get "connection refused" make sure not only that this port is "open" but that it's "listening" as well (remember this needs to be configured on your application in your web server). You can check that with netstat as follows:
$ netstat -an | egrep -w "6006"
And you should see something like this (example for port 22):
$ netstat -an | grep 22
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
If it says 127.0.0.1 on the Local Address column, it means that port is ONLY listening for connections from your PC itself, not from the Internet or network. If it says 0.0.0.0, it means that port is listening on all 'network interfaces' (i.e. your computer, your modem(s) and your network card(s)).
Thus, the IP you need is the one as the example (0.0.0.0), since this means all IPs can reach that specific port. Plus, you must see the “Listen” status.
In addition, make sure to properly set up the firewall rules in GCP and the software running on the instance itself to allow traffic to/from port “6006” specifically, either to any instance or to a specific one using network tags.
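The Local Address check described in this answer can be automated. The following is an added example, not part of the original answer: it classifies each listening TCP socket in `netstat -an` / `netstat -plnt` style output by bind scope. The sample reuses listener lines quoted on this page plus one constructed 127.0.0.1:6006 line; `listener_exposure` and `reachable_remotely` are hypothetical names.

```python
import ipaddress

# Lines in the Linux `netstat -plnt` layout; the 6006 entry is constructed.
SAMPLE_NETSTAT = """\
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN -
tcp 0 0 10.8.0.1:7462 0.0.0.0:* LISTEN 6463/java
tcp 0 0 127.0.0.1:6006 0.0.0.0:* LISTEN 4242/python
tcp6 0 0 :::25 :::* LISTEN -
"""

def listener_exposure(netstat_text):
    """Map each listening TCP port to the set of bind scopes seen for it."""
    result = {}
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 6 or not fields[0].startswith("tcp") or fields[5] != "LISTEN":
            continue
        # Split at the last colon so ":::25" yields the address "::".
        addr, _, port = fields[3].rpartition(":")
        try:
            ip = ipaddress.ip_address(addr)
        except ValueError:
            continue  # non-numeric address (netstat was run without -n)
        if ip.is_unspecified:
            scope = "all-interfaces"          # 0.0.0.0 or ::
        elif ip.is_loopback:
            scope = "loopback-only"           # 127.0.0.1 or ::1
        else:
            scope = "single-interface:" + addr
        result.setdefault(int(port), set()).add(scope)
    return result

def reachable_remotely(exposure, port):
    """True if some listener on this port is bound beyond loopback.
    A single-interface bind is reachable only through that interface."""
    return any(scope != "loopback-only" for scope in exposure.get(port, ()))
```

A port that is absent from the result or marked loopback-only will not answer from outside, whatever the cloud firewall allows.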

Cannot connect to local vhosts via cURL (error 7) while Apache, ping, etc. work

I'm desperate for help. I have spent almost a day now trying to figure out why cURL is suddenly throwing curl: (7) Failed to connect to magento.localhost port 80: Connection refused on local vhosts after I restarted macOS High Sierra.
My setup worked without problems before – ping still works, opening the domain in the browser also works as expected. What is going on??
ping magento.localhost
PING magento.localhost (127.0.0.1): 56 data bytes
64 bytes from 127.0.0.1: icmp_seq=0 ttl=64 time=0.034 ms
host magento.localhost
magento.localhost has address 127.0.0.1
magento.localhost has IPv6 address ::1
scutil -r magento.localhost
Reachable
apachectl configtest
Syntax OK
netstat -a | grep http | grep LISTEN
tcp46 0 0 *.http *.* LISTEN
curl -v magento.localhost
Rebuilt URL to: magento.localhost/
Trying 127.0.0.1...
TCP_NODELAY set
Connection failed
connect to 127.0.0.1 port 80 failed: Connection refused
Failed to connect to magento.localhost port 80: Connection refused
Closing connection 0
curl: (7) Failed to connect to magento.localhost port 80: Connection refused
I have tried every suggestion I found! - thank you so much for your help!
Nic3500, you saved my life! After your comment I found out that my vhosts produced different results than localhost itself.
telnet magento.localhost 80
Trying 127.0.0.1...
telnet: connect to address 127.0.0.1: Connection refused
telnet: Unable to connect to remote host
telnet localhost 80
Trying ::1...
Connected to localhost.
Escape character is '^]'.
Connection closed by foreign host.
So I have changed /usr/local/etc/dnsmasq.conf to address=/localhost/::1 and /private/etc/resolver/localhost to nameserver ::1 and now cURL is working alongside everything else.
Thank you very much!
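The telnet comparison above shows one name behaving differently over 127.0.0.1 and ::1. The following is an added example, not part of the original post: it attempts a TCP connect to every address the resolver returns for a name, so that kind of IPv4/IPv6 mismatch shows up in one call; `connect_per_address` and `family_mismatch` are hypothetical names.

```python
import socket

def connect_per_address(hostname, port, timeout=1.0):
    """Try a TCP connect to each address returned for hostname.
    Returns {address: outcome}, one entry per resolved address."""
    outcomes = {}
    infos = socket.getaddrinfo(hostname, port, type=socket.SOCK_STREAM)
    for family, socktype, proto, _canonname, sockaddr in infos:
        address = sockaddr[0]
        try:
            with socket.socket(family, socktype, proto) as s:
                s.settimeout(timeout)
                s.connect(sockaddr)
            outcomes[address] = "connected"
        except ConnectionRefusedError:
            outcomes[address] = "refused"
        except socket.timeout:
            outcomes[address] = "timeout"
        except OSError as exc:
            # e.g. no route, or the address family is unavailable on this host
            outcomes[address] = "error: " + exc.__class__.__name__
    return outcomes

def family_mismatch(outcomes):
    """True when the name works over one address but not another, as in
    the post (127.0.0.1 refused while ::1 connected)."""
    states = set(outcomes.values())
    return "connected" in states and len(states) > 1
```

Clients differ in which returned address they try and whether they fall back to the next one, so a mismatch reported here can break one tool while another keeps working.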

SSH Socks Server

I'm trying to run a ssh SOCKS server on Windows 7 (listening on port 12345).
Here's the output I get on Cygwin:
$ ssh -v -D 12345 localhost
OpenSSH_6.8p1, OpenSSL 1.0.2c 12 Jun 2015
debug1: Reading configuration data /etc/ssh_config
debug1: Connecting to localhost [::1] port 22.
debug1: connect to address ::1 port 22: Connection refused
debug1: Connecting to localhost [127.0.0.1] port 22.
debug1: connect to address 127.0.0.1 port 22: Connection refused
ssh: connect to host localhost port 22: Connection refused
Why is it trying to connect to localhost:22?
Looks like it's trying to reach sshd running on localhost.
I thought the ssh client was enough to set up a local SOCKS server. If it isn't, why do I need sshd running?
From https://help.ubuntu.com/community/SSH/OpenSSH/PortForwarding:
"Dynamic port forwarding turns your SSH client into a SOCKS proxy server"
To explain why you need a (remote) ssh server, ssh can do three (or four) kinds of forwarding; quoting the man page:
-L Specifies that the given port on the local (client) host is to be
forwarded to the given host and port on the remote side. This
works by allocating a socket to listen to port on the local side,
optionally bound to the specified bind_address. Whenever a con-
nection is made to this port, the connection is forwarded over
the secure channel, and a connection is made to host port
hostport from the remote machine. [...]
-R Specifies that the given port on the remote (server) host is to
be forwarded to the given host and port on the local side. This
works by allocating a socket to listen to port on the remote
side, and whenever a connection is made to this port, the connec-
tion is forwarded over the secure channel, and a connection is
made to host port hostport from the local machine. [...]
-D Specifies a local ``dynamic'' application-level port forwarding.
This works by allocating a socket to listen to port on the local
side, optionally bound to the specified bind_address. Whenever a
connection is made to this port, the connection is forwarded over
the secure channel, and the application protocol is then used to
determine where to connect to from the remote machine. Currently
the SOCKS4 and SOCKS5 protocols are supported, and ssh will act
as a SOCKS server. [...]
-X and -Y enable forwarding for X11. This is a small but convenient variation of -R.
Note that in all cases the data is forwarded over the ssh tunnel, from the local machine to the ssh server or the reverse, and (therefore) the ssh tunnel must exist for the data to be forwarded over. The only difference between -L and -D is that -D uses SOCKS4/5 on the local end to specify where the remote end connects to.
If you want a SOCKS proxy that connects directly from the proxy to the destination, not over an ssh tunnel, you need a plain SOCKS proxy, not ssh+sshd.
You're trying to connect without a port, so port 22 is used. Once that connection is open then SSH will set up the SOCKS proxy on the port you specified (12345).
You need to connect to a valid SSH server. You specify the port with the -p flag.

VirtualBox Port Forwarding on Windows 7 not Working

I'm trying to ssh onto my VirtualBox from my Windows 7 host via port forwarding, but VirtualBox won't open the port for listening. I can connect to it by turning on the VirtualBox GUI and navigating via that terminal, but I cannot connect via a standard ssh client from my host. I want to be able to ssh on port 2222 on my host to the guest.
Here's my setup:
Host: Windows 7 SP1
Guest: Ubuntu 12.04
VirtualBox: 4.3.26
Host Processor: Intel Core i7 920
The guest machine is configured as a NAT and port forwarding is enabled for 127.0.0.1 for host port 2222 to guest port 22.
The output from ifconfig on the guest:
eth0 inet addr:10.0.2.15 Bcast:10.0.2.255 Mask: 255.255.255.0
The output from ps -ef | grep sshd on the guest:
root 625 1 0 12:27 ? 00:00:00 /usr/sbin/sshd -D
The output from netstat -ant | grep 22 on the guest:
tcp 0 0 0.0.0.0:22 0.0.0.0:*
tcp6 0 0 :::22 :::*
But on the host, netstat -ant | grep 2222 doesn't show anything.
In the VBox.log however I have this:
00:00:03.413790 NAT: set redirect TCP host 127.0.0.1:2222 => guest 10.0.2.15:22
00:00:03.424301 supR3HardenedErrorV: supR3HardenedScreenImage/LdrLoadDll: rc=VERR_LDRVI_UNSUPPORTED_ARCH fImage=1 fProtect=0x0 fAccess=0x0 \Device\HarddiskVolume2\Windows\mfnspstd64.dll: WinVerifyTrust failed with hrc=Unknown Status 0x800B0101 on '\Device\HarddiskVolume2\Windows\mfnspstd64.dll'
00:00:03.424422 supR3HardenedErrorV: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Windows\mfnspstd64.dll' (C:\Windows\mfnspstd64.dll): rcNt=0xc0000190
00:00:03.424476 NAT: failed to redirect TCP 127.0.0.1:2222 => 10.0.2.15:22
The last line looks like the suspect but there's no clue as to why it fails to redirect. I've tried all of the following from various other posts and forums but can't get it to listen on any port on the host:
Turned off the firewall
Changed the port
Enabled VT-X on BIOS
Disabled Hyper-V
Tried numerous different builds of VirtualBox
Any help would be much appreciated. Works fine on my Mac Book with OS-X.
Did you set forwarding in machine settings?
To forward ports in VirtualBox, first open a virtual machine’s settings window by selecting the Settings option in the menu.
Select the Network pane in the virtual machine’s configuration window, expand the Advanced section, and click the Port Forwarding button. Note that this button is only active if you’re using a NAT network type – you only need to forward ports if you’re using a NAT.
Use VirtualBox’s Port Forwarding Rules window to forward ports. You don’t have to specify any IP addresses – those two fields are optional.
Also here: http://www.howtogeek.com/122641/how-to-forward-ports-to-a-virtual-machine-and-use-it-as-a-server/
I found the solution in a hypernode-vagrant issue: VirtualBox fails to establish the port forwarding for SSH on Vagrant's standard port 2222, but higher ports work. In that issue, ports >= 4000 worked, whereas ports <= 3500 would fail. On my machine running Windows 10, I found 2380 to be the first port for which the TCP redirect can be established.
The port on the host used for forwarding can be changed by adding the following lines to your Vagrantfile (where you may have to replace 4000 by a higher number):
config.vm.network :forwarded_port, guest: 22, host: 2222, disabled: true
config.vm.network :forwarded_port, guest: 22, host: 4000, id: "ssh"
I have no idea what the root cause for this behavior could look like, but the workaround has been working reliably so far.
I used this article to ssh into my Raspberry pi3 VM.
Using this command: ssh -p 2222 pi@localhost.
Originally, I had kept trying to use ssh pi@10.0.2.x -p 2222, but it didn't work and kept returning a "Connection timed out." My port number is 2222, but yours could be different depending what you set in your VirtualBox.
I am using a Windows 10 into a Debian Raspberry Pi VM (VirtualBox).

how should I test if port forwarding is working?

I am doing a local forwarding to the remote port 80, which apache2 is listening on, like this: ssh -L 80:localhost:80 user@host.com. It connects me to the remote server, however I find I can still run mkdir, rm and similar commands. Isn't it so that I am only forwarded to the application listening on port 80? So what's the difference from this command: ssh -p 22 host.com? Is there a way to test if this port forwarding is working?
Yes, you can test as follows:
You should use a client program on one side and a server program on the other, remote side.
Try to connect your client to your server according to the ports and IPs used in your port forwarding by the Netsh command.
If the connection succeeds, that is it; if the connection fails, that means the port forwarding command failed, or the IP and port configuration of your client and server is wrong.
Moreover, if you send a text file to the server, you should receive it.
I hope that this will help.
Thanks.
You can listen on port 80 with netcat like this on the host ...
nc -l -p 80
... and then either send something back with netcat ...
nc host.com 80 <<< hello
... and see if you get a "hello" on the server, or use nmap:
nmap host.com -p 80
You can also use nmap the same way if you already have a server listening on port 80, like apache.
Just note that nmap will say it's closed unless there is something listening on that port.