Cannot connect to PuTTY and WinSCP - linux

I have created a new EC2 instance and installed ftop on it. I am able to access it through PuTTY and WinSCP. Suddenly, when I try to open it through WinSCP, it gives this error:
The server rejected SFTP connection, but it listens for FTP
connections. Did you want to use FTP protocol instead of SFTP?
Prefer using encryption.
And through PuTTY it is showing as "CONNECTION REFUSED". I even tried restarting the instance. What is the problem?

If you want to access your Linux EC2 server instance via PuTTY or WinSCP, and you find that you can no longer successfully establish a connection to it, you can do the following in your EC2 AWS Console:
1. Go to the left panel of your EC2 AWS Console, Network & Security → Security Groups → <your security group name>.
2. In the Inbound tab, click "Edit".
3. Go to column "Type", row "SSH".
4. Go to column "Source" of row "SSH", click the "Custom" dropdown field.
5. Select "My IP". Doing this should automatically update your present public IP address setting in AWS.
Take note that your public IP address may change from time to time, depending on your ISP (Internet service provider).
Having said this, whenever it does change, you should be able to resolve this issue by redoing steps 1 - 5.

Make sure the FTP ports that you are trying to access on the machine are enabled by the inbound security group rules.
This answer should help you out further: inbound security group.
Also double check to make sure your EC2 machine doesn't have a firewall that may be blocking connections that are allowed by your inbound security policy.

It might be that the SSH service was interrupted. Try to change permissions in the home directory. If the .ssh/ folder permissions changed, you cannot connect to the instance. You can try shutting down and then starting instead of restarting.
If it is not working, please create an AMI image of that server, and then try to launch a new instance from that image. Definitely it will work.

Related

I can SSH and RDP to an Azure VM but the browser times out

I have deployed a Network License Manager for MATLAB 2022b Azure Virtual Machine (VM) from the Azure Marketplace. The deployment spins up a Windows Server 2019 VM of Standard_B1s class and it seems to be successful because I can ssh, from WSL, and RDP to the VM. However, if I try to access the license manager portal through a browser from home or office, with either Firefox or MS Edge I get the much dreaded "The connection has timed out" and "Hmmm… can't reach this page xxx.yyy.zzz.www took too long to respond" respectively.
I have the following inbound and settings rules in my Network Security Group (NSG). All the rules have been set up by the VM and I have only changed the priorities of allow-https and allow-ssh to 100 and 110 respectively and the fake Source address that I input at the VM configuration page to 0.0.0.0/0. I have restarted the VM afterwards to propagate the changes.
Inbound and outbound rules of the VM NSG
This aerospace engineer is totally stuck because the (MATLAB) license manager only starts if a license file is loaded through the portal and the portal can only be accessed through the browser. I have also tried to start the license manager at the command line but failed.
If you are trying to access your VM in a browser, check the network firewall rule of the service and, inside the VM, check that port 22 is actually operational.
"The connection has timed out" error usually occurs if you have installed firewall or security software on your computer; it may be preventing access to the virtual machine.
In your task bar type Windows Defender Firewall -> change notification setting
Turn off Windows Defender Firewall like below:
Disable the firewall and try to activate port 22 by using the commands below:
sudo ufw disable
sudo ufw status
sudo ufw allow 22/tcp
Try to check license server details to make sure that you are using the correct hostname and port number.
Check whether the client machine is authorized to use the licenses on the license server.
If the issue still persists, try to restart the license and client machine and try again.
Now try to access Network license manager via browser and check
Reference:
Run Network License Manager from Microsoft Azure - MATLAB
I ended up deleting the original VM and all its accoutrements and started a new one that works.

Losing access to Windows VM through RDP/Bastion soon after connecting to a Client VPN using Cisco-VPN-Client

I'm trying to use a Windows VM deployed through AVD to connect to a client VPN. The client's VPN is restricted in a way that it only allows users to access a few of their internal servers but nothing else. So, I'm losing access to the VM soon after connecting to the Client VPN using the Cisco-Mobile-VPN client. And it looks like the VPN is restricting external connectivity to the VM. As a new user to Azure, I'm trying to find out if there is a possible workaround to access the VM even after connecting to the client's restricted VPN. Any help is much appreciated.
Please follow the below procedure to fix the issue:
Go to the “Network and Sharing Center”
Click on “Change Adapter Settings”
Click on your VPN entry and then “Change settings of this connection” in the ribbon.
Drill into IP v4 properties and to the IP Settings tab. (as the above picture shows)
Uncheck “Use default gateway on remote network”.
If you are still facing the issue or are unable to uncheck “Use default gateway on remote network”, please check if the VPN provider can add you to a group that has a policy set for 'split tunneling' - this is done on the VPN host side.
Please refer to the URL below for more information:
https://serverfault.com/questions/193308/vpn-within-a-remote-desktop-session?rq=1

Cannot access nodejs server from outside ec2 instance

I am trying to host a web service on an AWS EC2 Windows Server 2008 R2 instance, but am unable to access the server using its public IP outside the instance. The port my application is hosted on is 3333. I have added rules for SSH, HTTP and ICMP in my security group but still cannot access it externally.
I can connect to the machine via RDP but cannot even ping the ip from my local machine. Is it something not supported on amazon free 12 month account?
Have been struggling with this for a while, any help appreciated. Below attached is the snapshot for my selected security group for the instance.
Thanks,
Aakash
You can access your server from anywhere even if you have free tier. You just need to add correct inbound rules in the associated security group. In your case, rules seem fine but the windows defender must be blocking all the incoming requests. You can try turning off the windows defender in your windows ec2 instance by searching "Windows Defender Firewall" -> click "Turn windows defender firewall on or off" -> select "Turn off windows defender firewall(not recommended)" for public requests.
I was facing the same issue. Turning it off worked for me.
It has nothing to do with free tier. You need to allow the ports which you want to access from public. Please go to security groups and allow it.
Make sure that you have allowed your server public access. For giving access, go to the security group, and in its inbound rules allow public access.

Azure VM Remote Desktop Can't Connect

Following a how-to book's guide on setting up a VM through the Azure Portal and getting the error when trying to connect
Remote Desktop can't connect to the remote computer for one of these reasons: 1) Remote access to the service is not enabled 2) The remote computer is turned off [Verified through the Azure Portal it is turned on because Start is faded, while Restart and Stop are not] 3) The remote computer is not available on the network.
The error occurs before I'm able to enter any credentials - it doesn't find the IP at all. The RDP file details (IP removed of course):
full address:s:[IPAddress]:3389
prompt for credentials:i:1
administrative session:i:1
What I've tried:
Even though the How-To book doesn't show where/how to specify a port, when I download the RDP file from the Connect option, it specifies the port 3389. The book seems to imply that simply downloading this file and connecting will work and there's no need to specify the port. I get the above error.
Flushed DNS on my computer, ipconfig /flushdns
In the Network Security Group option for the VM, I verified that port 3389 allowed any source and wasn't specific.
I did miss associating the subnet part of the Network Security Group to a virtual network, so I did associate my NSG with the default subnet set up for my Virtual Network.
From the Quick start option, I don't see how to connect to this either; I'm guessing, I need to specify a different port, but don't see where to do it here either => Update: this appears to be in the Network Security Group's Inbound security rules in the Azure portal.
Boot Diagnostics option shows the login screen. A ping to the IP address fails four times with "Request timed out."
Note: this is not a Virtual Machine (classic).
Just wanted to share what worked for me.
After receiving an error prompt:
Connect is disabled for this virtual machine because of the following
issues: Network interface 'vmwindows1094': Network security group
'VMWindows10-nsg' does not have inbound security rule that allows port
3389. VMWindows10-nsg
I have added an inbound port rule. Under VM > Settings > Add inbound port rules.
Port: 3389 Protocol/Source/Destination: Any (this can be configured based on your security rules) Action: Allow
On the Azure portal, Select your VM -> Settings -> Boot diagnostics. Make sure that you can see the login screen. You might need to enable diagnostics (under Monitoring section) if not enabled already.
If you don't see the login screen, try the 'Redeploy' option under the 'Support and Troubleshooting' section of settings.
If you can see that the machine has booted correctly, the connectivity issue might be because of a firewall at your end or on the VM. See if you can ping the machine. If you are behind a corporate firewall, try connecting from elsewhere and check your PC's firewall.
Creating a new Virtual Machine on the new portal now creates an NSG (Network Security Group) along with the VM. You should be able to find it under all resources, same name as your VM. Make sure that there is an Inbound rule configured for Remote desktop (it is created by default but might be worth checking).
I had the same problem but adding an inbound security rule was not sufficient (although it is also needed).
I had to go to virtual machines > (myVm) > Reset password and then choose Reset configuration only
Try checking your VM has enough memory.
I had tried all of above suggestions and still didn't manage to access.
After trying many times I managed to get in, and a message appeared saying:
Your Computer is low on memory
Not 100% sure that was the reason though.
I faced the same issue. I had created an Azure VM but wasn't able to connect to it using RDP.
The culprit was a default "Inbound Port Rule" due to which all the inbound traffic was being blocked.
The solution is to create a new rule by clicking the "Add Inbound Port Rule" and allow traffic from port 3389. Make sure that the priority of this new rule is greater than the "DenyAllInBound" rule otherwise our new rule will not have any effect.
After adding the rule, try connecting to the VM using its public IP in RDP and you should be able to connect.
This worked for me, hope it helps you as well.

Cannot RDP to CentOs 7 Azure VM

I haven't been able to RDP to my newly created CentOs 7 Azure VM.
In my attempt to accomplish this I followed the steps listed here:
https://blogs.msdn.microsoft.com/cloud_solution_architect/2015/05/02/remote-desktop-to-your-linux-azure-virtual-machine/
To summarize, I've installed GNOME Desktop, VNC Server, and xrdp. The instructions above talk about adding an endpoint, but since I'm using the Resource Manager deployment model, there's no settings or menu items where I can create one. Instead I added inbound rules to my network security group to allow traffic to ports used by xrdp and vncserver. Rdp and VNC viewer both timeout when I attempt to connect.
Additionally, I used the sudo netstat -ant command to confirm that both ports (for xrdp and vncserver) are both in the "LISTEN" state.
What am I missing here?
Thanks in advance.
This is a common problem I've seen when defining Azure NSGs. For your inbound Azure NSG rules, the source port needs to be "*" because your client will use a random port on the client side.
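The rule behaviour discussed in the Azure threads above (rules are processed in priority order with the lowest number first, the first match wins, and DenyAllInBound at 65500 catches whatever is left) can be checked offline with a small model. This is an added example, not code from any poster or from Azure; the Rule class, the function names, the rule names and the addresses are hypothetical, and the model ignores protocol, destination address and service tags.

```python
# Added example: simplified model of Azure NSG inbound rule evaluation.
# Rule names, addresses and ports below are constructed sample data.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Rule:
    name: str
    priority: int    # lower number is evaluated first
    src_prefix: str  # CIDR or "*"
    src_port: str    # "*", "N" or "N-M"
    dst_port: str    # "*", "N" or "N-M"
    action: str      # "Allow" or "Deny"

# Default catch-all present in every NSG (the two default Allow rules are omitted).
DENY_ALL = Rule("DenyAllInBound", 65500, "*", "*", "*", "Deny")

def port_matches(spec, port):
    if spec == "*":
        return True
    lo, _, hi = spec.partition("-")
    return int(lo) <= port <= int(hi or lo)

def addr_matches(prefix, addr):
    return prefix == "*" or ip_address(addr) in ip_network(prefix)

def evaluate(rules, src_ip, src_port, dst_port):
    """Return (action, rule name) of the first matching rule in priority order."""
    for r in sorted(list(rules) + [DENY_ALL], key=lambda r: r.priority):
        if (addr_matches(r.src_prefix, src_ip)
                and port_matches(r.src_port, src_port)
                and port_matches(r.dst_port, dst_port)):
            return r.action, r.name
    raise AssertionError("unreachable: DenyAllInBound matches everything")

# Constructed client: documentation-range address, ephemeral source port.
CLIENT = ("203.0.113.10", 50123)
# Mistake described in the last answer: 3389 entered as the source port.
broken = [Rule("allow-rdp", 300, "*", "3389", "3389", "Allow")]
# A Deny with a lower priority number shadows the Allow that follows it.
shadowed = [Rule("deny-inbound", 200, "*", "*", "*", "Deny"),
            Rule("allow-rdp", 300, "*", "*", "3389", "Allow")]
# Any source port, with the source narrowed to a single admin address.
fixed = [Rule("allow-rdp", 300, "203.0.113.10/32", "*", "3389", "Allow")]

if __name__ == "__main__":
    for rules in (broken, shadowed, fixed):
        print(evaluate(rules, *CLIENT, 3389))
```

The `fixed` rule set also shows the narrower alternative to an "Any" source: a connection from any other address falls through to DenyAllInBound.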
