I'm trying to relive my university days, by running my own MUD on azure portal, and have run into difficulty when connecting from the outside world.
For those that don't know, this has a fairly simple interface which listens on a port of your choice, and which doles out descriptors as they come in:
https://github.com/InfiniteAxis/SmaugFUSS/blob/master/src/comm.c
I set up an Ubuntu VM in Azure, which has an IP address that I can connect to from my machine via ssh, and successfully compiled and run the mud. I can connect on port 4020 inside the ssh session using telnet, but can't connect to port 4020 from my machine.
netstat -an | grep :4020
tcp 0 0 0.0.0.0:4020 0.0.0.0:* LISTEN
It seems to be listening correctly, so I tried to add an Inbound security rule to the Network Security Group. I gave it a higher priority (lower number) than the ssh rule, which seems to redirect all tcp ports connecting in to 22, but am still unable to connect.
Two rules:
Source: Any, Protocol: TCP, Port: 4020, Destination: Any, Port: 4020
Source: Any, Protocol: TCP, Port: *, Destination: Any, Port: 22
There doesn't seem to be any firewall enabled in Ubuntu (ufw is disabled), but I can't connect.
Anyone got any ideas where I should be looking next? I feel I've missed something really obvious.
You need to set your source port to *, not 4020. This is specifying where traffic is originating from, not where it's going to.
Related
I have an Ubuntu16.04 VM on Azure, and am trying to run a node server on it. When I bind the port to 80, I am able to access it from my browser (http://a.b.c.d:80). However, if I try to instead bind the server to a different port, such as 3300 or 8080, the browser times out when trying to connect to it. (http://a.b.c.d:3300)
I have ensured that:
There exists an inbound security rule for port 3300 in the NSG
The windows firewall of the machine of the browser allows port 3300 (I have even tried temporarily turning it completely off but to no avail)
I am not using an azure load balancer
I am starting node with root privileges
Node is bound to (port, "0.0.0.0")
I am listening on the correct port (I think?)
netstat -ant | grep 3300 gives
tcp6 0 0 :::3300 :::* LISTEN
I have spent a few hours now researching on the internet how to get it to work and tried everything I could find, but to no avail. If anyone has any input i'd be happy to try it out.
Jason was correct, it was a ufw issue. If anyone comes across this question in the future, I solved it with the command
sudo ufw allow proto tcp from any to any port 3300
I've trying to run my nodejs/expressjs application on my godaddy server, but any port I use times out. I've tried using the application on my local device and it works fine. I have a snippet of my connection below.
var app = express();
app.listen(8080, function() {
console.log("Listening on port " + 8080);
});
When I run the program through ssh, I get no errors
node index.js
Listening on port 8080
But when I go to the corresponding location in my browser, I get:
xxx took too long to respond.
ERR_CONNECTION_TIMED_OUT
I'm pretty sure it has to do with running on the godaddy server. If anyone has experience using this service with nodejs, is there a specific port I should be using, or is there any other setup I should do?
Do you have a VPS with GoDaddy right? So I assume you have also root access.
SSH into your GoDaddy server as root and check if the node.js app actually listens on that port:
netstat -tunlp | grep 8080
If you see any result there for the node.js app and that port then the port is open.
By default, there should be a firewall on your server which might block most of the ports and allows only the necessary incoming traffic.
You can check if there is any rule for that port by issuing the command bellow:
iptables -nvL | grep 8080
If any result is returned, then you have to add an iptables rule to allow access to that port. There are multiple methods to do that:
permit full access from your IP access to the server
permit your ip to access port 8080 on the godaddy server
permit outside world to access port 8080 on your server
You could read any iptables guy, it's pretty easy to add/edit/delete firewall rules. Most of the cPanel/WHM servers come with CSF Firewall (which is based on iptables and perl scripts).
In order to allow an ip address to your firewall (if you have CSF Firewall installed) you have to issue the following command:
csf -a ip-address
I hope that helps!
I'm trying to open several ports on Azure. I have a single VPS with a single network security group with a single virtual network and subnet. Everything seems to be configured correctly, check images:
But trying to ping any port, for instance 8080:
nc -zv 52.166.131.228 8080
nc: connect to 52.166.131.228 port 8080 (tcp) failed: Connection refused
running desperate here, I've followed the guidelines to no avail https://learn.microsoft.com/en-us/azure/virtual-machines/virtual-machines-windows-nsg-quickstart-portal ...any idea what I'm missing??
According to your error, I think you should check your service firstly. I don’t find 8080 is listening according to your output.
Please ensure port 8080 is listening, you could try to use telnet for test in your VM firstly.
telnet 127.0.0.1 8080
Notes: NSG could associate to VM and subnet.
Please refer to this article about how to manage NSG
I notice that your port 5432 is only listening on 127.0.0.1. I think you should check your configuration. If you want to access port 5432 with public IP, the port should listening on 0.0.0.0
I have installed mirthconnect on windows virtual machine in azure resource manager. I am able to access admin console with http://localhost:8080 .But same is not accessible from internet. I have added endpoints in network security.
Is there any other configuration I am missing here ?
I am able to RDP to the machine . I have tried with source as * and destination as * also . But still no luck.
I am not able to telnet also with the VM public IP and the given ports.
Connect to your Virtual Machine, Open the Firewall Advanced Settings and add an exception for the port 8080 as the EndPoint Configuration doesn't do that for you
Did you allow 8080/TCP from anywhere, for all profiles in Windows Firewall?
Is you daemon listening on 0.0.0.0 or just 127.0.0.1?
netstat -ban
should give you the answer there.
e.g.
[spoolsv.exe]
TCP 0.0.0.0:1540 0.0.0.0:0 LISTENING
[lsass.exe]
TCP 0.0.0.0:2179 0.0.0.0:0 LISTENING
[vmms.exe]
TCP 0.0.0.0:5357 0.0.0.0:0 LISTENING
If you're only listening on localhost (127.0.0.1) you need to address the configuration of your daemon and then restart it.
I want to telnet virtual machine on port 1234. I have server.exe running on vm which listens to port 1234.
When I run telnet within virtual machine cmd "telnet 127.0.0.1 1234" response is
"ok"
However when I run telnet from outside using "telnet publicIP 1234" response is
Connecting To publicIP...Could not open connection to the host, on
port 1234: Connect failed
I have added endpoints in azure portal and tried switching off the firewall from both virtual machine and my local machine.
Can anyone please suggest?
Two things to consider:
Make sure that your server.exe listens also the VM network adapter, but not only on 127.0.0.1
Make sure that your ISP( Internet Provider) does not block outgoing ports - very common issue.
To avoid (2) change the public port for the VM Endpoint to 80 and try with telnet publicIP 80
To make sure you comply with (1), while on the VM try telnet **localIP** 1234