I just tried to create 3 ubuntu VMs on Virtualbox. then I tried to connect each machine to another machine using ssh but it failed.
"I noticed that the 3 VMs has the same IP, So I made static IP to each machine"
So kindly find the below steps:
$ sudo apt install ssh
$ sudo systemctl enable ssh
$ sudo systemctl start ssh
$ sudo ufw allow ssh
$ ssh username#ip
do a test of communication with these vms through ping.
If the communication is ok your problem must be related to the firewall.
You can disable your linux environment's firewall temporarily to test if this is really the problem.
If the problem is due to the firewall, you must create the release rule for a specific port. By default it is port 22.
Test suggestion: Stop SELinux and FirewallD or any other firewall in your distribution and retest
Related
On Ubuntu if I use the command: sudo disable ufw then it can access my server on any port.
Once I enable firewall again then I run command: sudo ufw allow 9090/tcp then I start my spring boot website on port 9090. Now I use the command: curl http://server_id:9090 => It still block me. If I disable firewall then It can run
Who know root cause? How can I enable firewall and allow on a particular port.
Thanks
I have set up a VM in azure with Redhat Linux OS, I have installed Httpd service and placed a static webpage to access.
I am not able to access my VM via browser with public IP set on my VM. Although, I am able to ssh into the machine.
Steps I have already tried:
Set an inbound rule on the network security group for port 80, 443, 22(ssh).
Attached this NSG to both VNET & NIC but no luck.
Tried the same in AWS EC2 instance it works like a charm. Not sure why Azure is not that straight forward.
Tried to find the solution online and documentation but no luck.
Please help if you have any idea how can I access my app via a browser.
Please check, if SELINUX is configured correctly
Redhat reference here: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/managing_confined_services/chap-managing_confined_services-the_apache_http_server
Thanks,
Manu
Thanks Manu for your suggestion. But I found that Linux firewall was blocking it. So here is what I did:
Since I am using RHEL 8, the inbuilt firewall is via Firewalld not iptables(which is there for RHEL 6 and before).
1- By default, only port 22 open in firewalld. "firewall-cmd --list-all" command will show the details.
2- Added HTTP port. By using below 2 commands
$ sudo firewall-cmd --zone=public --add-service=http --permanent
$ sudo firewall-cmd --reload
3- Verify the change by using any of the below commands:
$ sudo firewall-cmd --list-services
$ sudo firewall-cmd --list-services --permanent
Please refer this link for more details:
https://www.cyberciti.biz/faq/configure-set-up-a-firewall-using-firewalld-on-rhel-8/
I try to access my node.js server running on Ubuntu. My PC is connected with TP-link router. Now, I want to access node services from other IP(not from my local host or local IPs). What can I do? I used following code.
Note: This server works fine and accessible from local IP but can't access from my public IP
http.listen(6000,"0.0.0.0",function(){
log.info("server started");
})
You have to use :-
iptables -A OUTPUT -p tcp --sport 8080 -j ACCEPT
for the outgoing rule (not dport). Apart from that, maybe there's an earlier rule that blocks the traffic? Try iptables -L.
Ubuntu have very good firewall and default system is not allow to external IP to response
In express and node js or any server like that
http.listen(6000,"0.0.0.0",function(){
log.info("server started");
})
It will work on your IP, localhost and public IP
but on external IP can't access it
first of all replace
localhost -> 0.0.0.0
when you want to run frontend and backend simultaneously
then it is better to use public IP directly instead of 0.0.0.0
If you are using ubuntu then we need to change in firewall settings using ufw
UFW is installed by default on Ubuntu. If it has been uninstalled for some reason, you can install it with apt-get:
sudo apt-get install ufw
then
sudo nano /etc/default/ufw
check this line and make it yes
IPV6=yes
save file using Ctrl-X to exit the file, then shift + y to save the changes that you made, then ENTER
At any time, you can check the status of UFW with this command:
sudo ufw status verbose
By default, UFW is disabled so you should see something like this:
Output:
Status: inactive
Not most important point
sudo ufw allow portNumber // here portNumber is port-number in integer
in your case
sudo ufw allow 6000
and allow
sudo ufw allow http
for more rules and firewall on ubuntu click here
I know a little about Linux. Today I created a VPN server on my Ubuntu installation according to Set up a simple IPsec/L2TP VPN server for Ubuntu, Arch Linux and Debian.
But when I finish the installation, I use my iPhone to connect the IPsec VPN, bur it shows the VPN Server has no response.
The GitHub document shows
Ports 1701, 500 and 4500 must be opened for the VPN to work!
So I have tried to open these ports on my Ubuntu server.
I use the iptables command to open these ports, but it failed. Maybe I don't known how to use this command correctly. How can I open these ports on my Ubuntu server?
And if these ports have been opened successfully, can it be proved by the Windows CMD window through telnet'ting the port?
Ubuntu these days comes with UFW - Uncomplicated Firewall. UFW is an easy-to-use method of handling iptables rules.
Try using this command to allow a port:
sudo ufw allow 1701
To test connectivity, you could try shutting down the VPN software (freeing up the ports) and using netcat to listen, like this:
nc -l 1701
Then use telnet from your Windows host and see what shows up on your Ubuntu terminal. This can be repeated for each port you'd like to test.
If you want to open it for a range and for a protocol
ufw allow 11200:11299/tcp
ufw allow 11200:11299/udp
I installed a tomcat7 server on a ubuntu 12.04 box. I simply used "apt-get install tomcat7". I did not install apache2. I can access the default page from localhost:8080, 127.0.0.1:8080, and 192.168.1.201:8080, where the latter is the IP address from my LAN. my end goal is to be able to access the web server from outside the LAN with port forwarding. For now, however, I can't even access it inside the LAN.
Problem:
I can't access the web page from any other computer (windows 7, iPad) on the same LAN! I
get the "connection has timed out" error from the browser.
Question: Can I run tomcat on it's own without installing Apache2 first? This is the current setup and I can access pages hosted on tomcat on the same server, but not over the LAN.
Other information:
I can ping the ubuntu computer from other machines
The ubuntu firewall is disabled (checked via the firewall GUI interface).
I also tried "sudo ufw disable"
I tried: "sudo service iptables stop" and got the message: "iptables: unrecognized service"
I also tried disabling the appArmor firewall:
sudo /etc/init.d/apparmor stop
sudo /etc/init.d/apparmor teardown
sudo update-rc.d -f apparmor remove
I set the router firewall policy to minimum: inbound: accept all; outbount: accept all.
All computers (including ubuntu server) are connected to LAN via wireless
The ubuntu server IP address is static, not DHCP
I checked the SELinux folder and it's empty. I removed it.
Thank you for your help,
Omar
EDIT:
I can connect from within the LAN using ssh (I installed OpenSSH on ubuntu).
ANSWER:
I found the solution to this problem. It turned out there was a firewall active that was blocking the port. The firewall is called "firestarter". Not sure how this was installed, but it can be downloaded from the ubuntu software center. The default inboud policy blocks all ports except for SSH (22). I opened port 8080 and everything worked just fine. The other firewalls (ufw and SELinux) were disabled.
Thank you all again for your help.
Omar
First of all make sure all of the IP addresses are topologically correct, then ping to the your apache server system, If all this succeeds your network is fine.
Now the question are you using the Ubuntu Server edition? if this is the case i believe you can setup apache out of the box.
In case of the Desktop edition you could install it using command line or just install something like XAMP from apache friends.
Make sure your apache Server is started
If you do not already have Apache installed, you can do so now by issuing the following commands:
sudo apt-get update
sudo apt-get install apache2
This is all that is necessary to have a working web server.
I think, "apt-get install tomcat7" doesnt works in Ubuntu. You have to manually download the TAR file & then you can install it with the scripts. Please check whether it is properly installed or not. it should show a Apache Tomcat Homepage # localhost:8080
Also if it is installed properly, check whether it is running on the port 8080, or any other port.
If everything is fine, then disable the firewall of the Server, where you have installed the Tomcat. check for the server IP.
Now from other machine, access that server using http://server_ip:port
This should work fine. No issues should be there.
The other thing, you have metioned in your question, UBUNTU BOX. May be this issue arises due to UBUNTU BOX. If possible, make a clean install of Ubuntu.