Azure VPS not opening any ports no matter what - azure

I'm trying to open several ports on Azure. I have a single VPS with a single network security group with a single virtual network and subnet. Everything seems to be configured correctly, check images:
But trying to ping any port, for instance 8080:
nc -zv 52.166.131.228 8080
nc: connect to 52.166.131.228 port 8080 (tcp) failed: Connection refused
running desperate here, I've followed the guidelines to no avail https://learn.microsoft.com/en-us/azure/virtual-machines/virtual-machines-windows-nsg-quickstart-portal ...any idea what I'm missing??

According to your error, I think you should check your service firstly. I don’t find 8080 is listening according to your output.
Please ensure port 8080 is listening, you could try to use telnet for test in your VM firstly.
telnet 127.0.0.1 8080
Notes: NSG could associate to VM and subnet.
Please refer to this article about how to manage NSG
I notice that your port 5432 is only listening on 127.0.0.1. I think you should check your configuration. If you want to access port 5432 with public IP, the port should listening on 0.0.0.0

Related

AZURE VMs on the same VNET, different subnet can not ping to port other then 3389

I am very new to the AZURE, and was trying to connect two VM (same network, separate Subset).
I have enabled RDP on both the VM, So I can ping from VM-1 to VM-2 like this:
PS C:\Users\AzureUser> Test-NetConnection 10.0.1.4 -port 3389
ComputerName : 10.0.1.4
RemoteAddress : 10.0.1.4
RemotePort : 3389
InterfaceAlias : Ethernet
SourceAddress : 10.0.0.4
TcpTestSucceeded : True
I guess this is because this port 3389 is used for RDP.
Now in Inbound port rules I have added port 8080 but not able to connect.
PS Output:
PS C:\Users\AzureUser> Test-NetConnection 10.0.1.4 -port 8080
WARNING: TCP connect to 10.0.1.4:8080 failed
WARNING: Ping to 10.0.1.4 failed -- Status: TimedOut
ComputerName : 10.0.1.4
RemoteAddress : 10.0.1.4
RemotePort : 8080
InterfaceAlias : Ethernet
SourceAddress : 10.0.0.4
PingSucceeded : False
PingReplyDetails (RTT) : 0 ms
TcpTestSucceeded : False
Overall Virtual Network connection is like this:
Any help is appreciated.
According to your networking topology, both VMs are in the same VNET, but different SUBNET, it means that traffic between VMs are allowed by default rules in NSG. In order to make sure that everything is correct on Azure network, you can do the following tests.
any chance that VM Windows firewall (10.0.1.4) is blocking traffic on port 8080? Just in case, disable Windows Firewall for this VM and test it again.
from VM 10.0.1.4 run this command, make sure that exists a service listening on port 8080.
netstat -ano | findtr 8080
TCP 0.0.0.0:8080 0.0.0.0:0 LISTENING 4
TCP [::]:8080 [::]:0 LISTENING 4
you can use Network Watcher to see IP Flow. Select your source VM and put all information about VM destination, local port is a random high port, you can use the same in this image, remote IP and port is your VM 10.0.1.4.
I would say that you have an issue inside your VM 10.0.1.4, based on all information you provided. Let me know if all steps above didn't help and then we can continue working on it.
It's a good idea to see if the port is listening at the destination
netstat -ano | findStr "8080"
Port 3389 is pinging as it is already opened and assigned the RDP application. Similarly, port 8080 should have an application running and in listening mode to ping the port successfully
Thanks,
Manu
You are pinging from one subnet to another. The the traffic must be able to get out of the first subnet and into the second. Therefore, you need to define both inbound and outbound rules.
See: https://learn.microsoft.com/en-us/azure/virtual-network/security-overview#default-security-rules

nodejs timed out on all ports when hosting on godaddy server

I've trying to run my nodejs/expressjs application on my godaddy server, but any port I use times out. I've tried using the application on my local device and it works fine. I have a snippet of my connection below.
var app = express();
app.listen(8080, function() {
console.log("Listening on port " + 8080);
});
When I run the program through ssh, I get no errors
node index.js
Listening on port 8080
But when I go to the corresponding location in my browser, I get:
xxx took too long to respond.
ERR_CONNECTION_TIMED_OUT
I'm pretty sure it has to do with running on the godaddy server. If anyone has experience using this service with nodejs, is there a specific port I should be using, or is there any other setup I should do?
Do you have a VPS with GoDaddy right? So I assume you have also root access.
SSH into your GoDaddy server as root and check if the node.js app actually listens on that port:
netstat -tunlp | grep 8080
If you see any result there for the node.js app and that port then the port is open.
By default, there should be a firewall on your server which might block most of the ports and allows only the necessary incoming traffic.
You can check if there is any rule for that port by issuing the command bellow:
iptables -nvL | grep 8080
If any result is returned, then you have to add an iptables rule to allow access to that port. There are multiple methods to do that:
permit full access from your IP access to the server
permit your ip to access port 8080 on the godaddy server
permit outside world to access port 8080 on your server
You could read any iptables guy, it's pretty easy to add/edit/delete firewall rules. Most of the cPanel/WHM servers come with CSF Firewall (which is based on iptables and perl scripts).
In order to allow an ip address to your firewall (if you have CSF Firewall installed) you have to issue the following command:
csf -a ip-address
I hope that helps!

Azure resource manager windows VM accessing endpoints from internet not working

I have installed mirthconnect on windows virtual machine in azure resource manager. I am able to access admin console with http://localhost:8080 .But same is not accessible from internet. I have added endpoints in network security.
Is there any other configuration I am missing here ?
I am able to RDP to the machine . I have tried with source as * and destination as * also . But still no luck.
I am not able to telnet also with the VM public IP and the given ports.
Connect to your Virtual Machine, Open the Firewall Advanced Settings and add an exception for the port 8080 as the EndPoint Configuration doesn't do that for you
Did you allow 8080/TCP from anywhere, for all profiles in Windows Firewall?
Is you daemon listening on 0.0.0.0 or just 127.0.0.1?
netstat -ban
should give you the answer there.
e.g.
[spoolsv.exe]
TCP 0.0.0.0:1540 0.0.0.0:0 LISTENING
[lsass.exe]
TCP 0.0.0.0:2179 0.0.0.0:0 LISTENING
[vmms.exe]
TCP 0.0.0.0:5357 0.0.0.0:0 LISTENING
If you're only listening on localhost (127.0.0.1) you need to address the configuration of your daemon and then restart it.

How do I access a specific port on a VM in Azure's Resource Manager

I'm trying to relive my university days, by running my own MUD on azure portal, and have run into difficulty when connecting from the outside world.
For those that don't know, this has a fairly simple interface which listens on a port of your choice, and which doles out descriptors as they come in:
https://github.com/InfiniteAxis/SmaugFUSS/blob/master/src/comm.c
I set up an Ubuntu VM in Azure, which has an IP address that I can connect to from my machine via ssh, and successfully compiled and run the mud. I can connect on port 4020 inside the ssh session using telnet, but can't connect to port 4020 from my machine.
netstat -an | grep :4020
tcp 0 0 0.0.0.0:4020 0.0.0.0:* LISTEN
It seems to be listening correctly, so I tried to add an Inbound security rule to the Network Security Group. I gave it a higher priority (lower number) than the ssh rule, which seems to redirect all tcp ports connecting in to 22, but am still unable to connect.
Two rules:
Source: Any, Protocol: TCP, Port: 4020, Destination: Any, Port: 4020
Source: Any, Protocol: TCP, Port: *, Destination: Any, Port: 22
There doesn't seem to be any firewall enabled in Ubuntu (ufw is disabled), but I can't connect.
Anyone got any ideas where I should be looking next? I feel I've missed something really obvious.
You need to set your source port to *, not 4020. This is specifying where traffic is originating from, not where it's going to.

telnet to azure vm port from outside

I want to telnet virtual machine on port 1234. I have server.exe running on vm which listens to port 1234.
When I run telnet within virtual machine cmd "telnet 127.0.0.1 1234" response is
"ok"
However when I run telnet from outside using "telnet publicIP 1234" response is
Connecting To publicIP...Could not open connection to the host, on
port 1234: Connect failed
I have added endpoints in azure portal and tried switching off the firewall from both virtual machine and my local machine.
Can anyone please suggest?
Two things to consider:
Make sure that your server.exe listens also the VM network adapter, but not only on 127.0.0.1
Make sure that your ISP( Internet Provider) does not block outgoing ports - very common issue.
To avoid (2) change the public port for the VM Endpoint to 80 and try with telnet publicIP 80
To make sure you comply with (1), while on the VM try telnet **localIP** 1234

Resources