I'm kind of lost in my current project. From a linux machine (Ubuntu server), running a code in nodejs I have to connect to a windows server, through VPN, and access a mySQL server running on it.
About the VPN server I only know it's Windows and I can easily connect to it by using the VPN conector on another Windows machine, I do not have access to that machine or know its parameters.
All I have is the IP of both VPN and database server inside that VPN, and username/password for VPN and database as well. Also I know that the VPN uses ms-chap v2.
I'm trying to use openvpn like that:
sudo openvpn --remote vpnIP --dev tun --ifconfig 127.0.0.1 dbIP
This does not show any error message but never request VPN's username/password
And what should I do from nodejs to access the database once VPN is created?
As I've said, I'm very lost on that! Any tip will be welcome!
Unless something else is specified, a Windows based VPN almost always uses PPTP. You can not connect with OpenVPN. You have to use a PPTP client.
The Ubuntu package is pptp-linux.
There is a detailed explanation on how to configure it here.
In a nutshell (I assume you have no GUI on a server),
you can create a tunnel with :
pptpsetup --create my_tunnel --server <server_address> --username <username> --password '<password>' --encrypt
Configuration files will be created in /etc/ppp. You can then connect (in debug mode) with:
pon my_tunnel debug dump logfd 2 nodetach
or simply (once it work) :
pon my_tunnel
and stop it with :
poff my_tunnel
If the server is a gateway, you may need to add a route, something like :
ip route add 192.168.1.0/24 dev ppp0
You may want Network Manager with a plugin network-manager-pptp, also see this wiki
https://help.ubuntu.com/community/VPNClient#PPTP
Related
I cannot connect to redis server (ubuntu server 16.04 LTS 64 bits on separate PC) from windows 8.1 64-bits. Redis is well documented, however I found very little information how to connect redis server from separate machine.
I have installed latest version of redis into linux and locally everything works fine. I start server via redis-server and also I start redis-cli and after that I am able to add information into server and retrieve it. The same situation is in windows - everything works locally.
In order to connect from windows into linux redis server I did these changes.
In linux I set the static local IP via sudo nano /etc/network/interfaces
address 192.186.xxx.xxx
netmask 255.255.255.0
network 192.168.xxx.xxx
broadcast 192.168.xxx.xxx
gateway 192.168.xxx.xxx
dns-nameservers 8.8.8.8
In redis.conf file I bind my windows PC IP which is given by my internet service provider. I also opened TCP 6379 port in my router GUI. In windows I modify redis.windows-service.conf and redis.windows.conf files. In both of them I bind my IP address given by my internet service provider. After this I cannot start redis-cli properly (empty black cmd window is visible)
What I am doing wrong? I would be very grateful for any help.
You should modify the redis conf, my redis conf is located at /etc/redis/6379.conf.
And you should comment the line "bind 127.0.0.1" Or change to bind 0.0.0.0.
The bind specify which network interface the redis server should listen to. The default is localhost.
And also Change the protected-mode to no :
Protected mode is a layer of security protection, in order to avoid that
Redis instances left open on the internet are accessed and exploited.
When protected mode is on and if:
1) The server is not binding explicitly to a set of addresses using the
"bind" directive.
2) No password is configured.
The server only accepts connections from clients connecting from the
IPv4 and IPv6 loopback addresses 127.0.0.1 and ::1, and from Unix domain
sockets.
By default protected mode is enabled. You should disable it only if
you are sure you want clients from other hosts to connect to Redis
even if no authentication is configured, nor a specific set of interfaces
are explicitly listed using the "bind" directive.
protected-mode yes
If you don't disable the protected-mode, your redis server will not listen public ip interface. more detail see above.
If you can access the remote server from your machine, your problem is most probably with redis security config, read the Securing Redis section in this document
I found that most of the time people don't change the "bind" directive value in redis config, you can test that by setting bind 0.0.0.0 and restarting redis server, if that's the issue, you can then allow whatever subnets you need to access the server.
I have also experience the same issue trying to connect to Redis (MSOpenTech 3.0.5 and 3.2.1) By default if no binding is stated then redis(according to the comments in the conf file) will listen to all available interfaces. That said, v 3.2.1 does have 'bind 127.0.0.1' already set... in 3.0.5 Setting the binding to 'bind 127.0.0.1' still allows the redis-cli to be used. Binding to 192.168.1.2 renders the redis-cli unusable with both versions - there is no IP and Port prompt, simply a carat and the cli does not accept keyboard input. Binging to an external IP the MSOpenTech fork service will not restart and throws an error(nice). Clearing all bindings and reverting back to original state, the redis-cli becomes usable again. Also, on the MS OpenTech fork there is no 'ProtectedMode' setting in either config file. Not sure whether this can actually be set.
Have raised this as an issue on the MSOpenTech fork via github but expecting silence to be the only reply...
I'm not sure this helps you in any way other than knowing that you are not alone. I am trying to pub from PHP to AS3 subscribers - it works great in the Flash IDE but from the localhost browser, redis appears to go decididly deaf.
I currently have an EC2 instance up and running with Amazon Linux running and transferred my project (which contains both React/NodeJS/Express) onto the EC2 instance via SFTP using FileZilla.
For the EC2's Security Groups, I opened a port for 3000 (protocol: tcp, source: 0.0.0.0/0), which is how my Express is defined as well.
So I sshed into EC2 instance and ran the project's Express, and sees it listening to port 3000 within the terminal. But once I hit the Public DNS with ec2...us-west-1.compute.amazonaws.com:3000, it says The site can't be reached - ec2...us-west-1.compute.amazonaws.com took too late to respond.
What could be the issue and how can I go about from here to connect to it?
Thank you in advance and will upvote/accept answer.
Just check if your Node.js server is running on the EC2 instance.
Debugging:
Check first if It working locally properly.
Check for the node.js server in EC2.
sudo netstat -tulpn | grep :3000
try to run server with --verbose flag i.e npm run server --verbose
it will show logs of the server while starting.
Check for the security group Setting for the EC2 instance.
try to connect with the ip:port i.e 35.2..:3000
If still it not working and response taking long time.
that means some other service is running on the same port.
try this in ec2:
sudo killall -9 node
npm run server
And connect with using IP(54.4.5.*:3000) or public DNS (http://ec2...us-west-1.compute.amazonaws.com:3000).
Hope It will help :)
You may be encountering an issue with outbound traffic. You may be inside a company's network, either physically connected or VPN'd in. In some instances, your VPN isnt set up to handle split traffic, so you must abide by your company's outbound restrictions.
In a situation like this, you would want to use a proxy to access your site. when locking down your security group, make sure you use your proxy's public IP (not your company's).
Usually, when we have connectivity issues, it is something basic or a firewall. I assume you have checked whether a firewall is running on either end, eg. iptables -L -n. Also, any protocol analyzer like wireshark or tcpdump would tell you where packets to port 3000 are visible.
I am trying to connect Monetdb database, and I would like to use it with a node.js server app.
I currently set up a VirtualBox environment with monetdb package, as described here, and it works well: https://www.monetdbsolutions.com/solutions/cloud/vm
I can connect to this VM with putty with root#localhost:2222, and it works.
However, I cannot find the way to connect to the VM and to my database using node monetdb package: https://www.npmjs.com/package/monetdb
I used:
var options = {
host : 'localhost',
port : 2222,
dbname : 'mydb',
user : 'root',
password : 'monetdb'
};
I cannot find the way to make it work.
When I use:
var conn = require('monetdb').connect(options , function(err) {
if (!err) console.log('connected');
});
It does not trigger any error, nor launches any connection.
I think I am missing something when I access to the Virtual machine root#localhost:2222. It works with SSH, but I am not sure the access with monetdb node package is similar.
Is it even possible to connect to this VM from node.js? Maybe I should try another way to try this database with node.
They made a "docker container". I never used that kind of thing, but it may be suitable as well...
Any help on how I can solve this would be a lot appreciated!
Thanks very much on this.
Best regards
The port 2222 that is linked to port 22 on the virtual machine is for ssh only. The instructions show how to use monetdb on the virtual machine, and not from the host system.
The instruction page mentions:
Alternatively you can create a tunnel over SSH to access the database using the MonetDB MAPI protocol.
So that should be your first attempt. If you are on Linux/Unix or OSX you can set up a tunnel to the default monetdb port like this:
ssh root#localhost:2222 -L 50000:localhost:50000
Alternatively you can use VirtualBox to setup the port forwarding, as explained in the manual in paragraph 6.3.1:
To configure Port Forwarding you can use the graphical Port Forwarding editor which can be found in the Network Settings dialog for Network Adaptors configured to use NAT. Here you can map host ports to guest ports to allow network traffic to be routed to a specific port in the guest.
Now assuming monetdb is running on the virtual host you could connect to it on port 50000 on localhost. You have to check the instructions for username/password, they are probably not the same as the ssh credentials used to set up the tunnel.
Another soluction might be to change the virtualbox config from NAT (where port 2222 on your machine is forwarded to 22 on the virtual computer) to a bridged setup where you can access the virtual machine on its own ip address. This is assuming you have a dhcp server running and dhcp is configured correctly on the virtual os. If this is not the case you need server admin knowledge to get all this set up.
How to use two proxies with authentication in a linux terminal?
My college uses cyberroam with squid proxy server and it blocks all legitemate terminal requests such that basic commands like apt-get install libvirt kvm dont work.
So i was thinking of either running a vpn or a private proxy server on google app engine and connecting to it via the terminal but i need to go through the squid proxy to reach the internet.
Any ideas as to how to implement this.
PS: We already tried reasoning with the college authorities they say they cant help directly but we can always bypass it wihtout their knowing. And we really need this for our project so please help. Thank you
I'm not sure if NTLMAPS will work for you but it works for me on bypassing company proxy with the use of public proxy servers.
Another thing, my friend's company is using domain controller to authenticate internet users and he told me that NTLMAPS also works for him and able to access the net via linux terminal.
Good luck.
I setup the proxy in my ubuntu machine as below:
https://gopukrish.wordpress.com/2014/05/22/configure-proxy-in-ubuntu-14-04/
Following are the contents in-case the link becomes unusable in future.
Download and install cntlm package from : http://sourceforge.net/projects/cntlm/
Edit /etc/cntlm.conf
Give credentials in the below fields
username
domain
password
proxy IP:Port
Note down the Listen port… say it is 3128
save
Select Network options in Ubuntu and choose network proxy
Give 127.0.0.1 port 3128 for all the protocols
/etc/init.d/cntlm restart
This worked for me after the restart
I am currently using a very simple OpenVPN setup where I connect from different devices to a OpenVPN server and then access a website that is being hosted by an Apache Server running on the same system. To reach that server, I have to use its IPv4 adress inside the VPN (e.g. 10.1.0.1).
I would like to use a 'real' name like myserver.local. Is there a way to do this without setting up a DNS server? Can the OpenVPN-Client maybe just add an entry to the local hosts-file?
Not without setting up a DNS server, but getting one to work is very easy and can be restricted behind the VPN.
I am using dnsmasq on Ubuntu 14.04 for exactly this purpose. Just install it and add all your hosts to the /etc/hosts-File in the following way:
# Clients on the VPN
10.8.0.1 vpn.lan vpn.lan
10.8.0.8 service1.lan service1
10.8.0.6 service2.lan service2
You can restrict dnsmasq, that it only listens to the tun0-Interface of OpenVPN by adding interface=tun0 to /etc/dnsmasq.conf. You can push the DNS server to your clients by adding push "dhcp-option DNS 10.8.0.1" to your /etc/openvpn/server.conf.
The downside of this solution is, that you have to add every server to /etc/hosts, but for a couple of servers I think it's ok.