I got a problem with Azure Endpoint using Ubuntu.
SYMPTOMS
Online port scanner reported that port 1194 is closed even though the End point was defined to be open at Azure Web Interface for that VM
SETTINGS:
UFW, aka Ubuntu Firewall is inactive.
No IP Table was defined in Ubuntu
On Azure web management interface, endpoint called VPN, port TCP 443 and UDP
1194 was set to open, bidirectional allowing direct return. Public and Private port is both 1194, and both 443
lfor and netstat on ubuntu reported thata service is listening on 1194, got NC to listen to 443
DIAGNOSIS
From Ubuntu, I can see the internet. Pinging Google, getting updates works fine.
I can remote into the machine using default port 22, which is a default open endpoint defined by Azure Ubuntu Image
Restarted Ubuntu everytime a setting change.
Tried deleting and re-creating Endpoint rule, failed
Tried shutting down the VM, and delete and recreate endpoint rule, failed
I CAN Telnet to my local host from Ubuntu via 443.
TROUBLESHOOTING STEPS DEFINED
From my local computer, unable to telnet to the Ubuntu server via 443. Ok on 22, terminated because of protocol mismatch, but that is of course fine.
Online port scanners all report that 1194 was closed and so is 443
Some help would be appreciated.
I think that you need to manually configure the endpoint.
Please check https://azure.microsoft.com/en-us/documentation/articles/virtual-machines-set-up-endpoints/?rnd=1 for more information.
Related
Currently hosting a microsoft azure server that has a SCP: Secret laboratory game server on it.
OS: Ubuntu 20.04
After setting up the server and downloading the server files, I can't seem to connect to the server. The port that is needed for the game server is 7777 and I have the port open under NSG with UDP and TCP protocol, but after using multiple port checkers and trying to connect in game, I always got the port closed answer or was given a connection error.
I have tried using the azure's own troubleshooter, but that says the ports are open. Tried different ports like 7778 or 7779. Checked the firewall, but I dont even have it enabled.
I am trying to connect to VS2019 remote debugger installed on virtual machine (Windows Server 2022 version 21H2) hosted in Azure cloud.
Remote debugger is installed correctly and I've checked that TCP port number in options is set to 4024.
Now, when I try to connect from my machine I got an error message
Unable to connect to 'hostname'. The Visual Studio 2019 Remote Debugger (MSVSMON.EXE) does not appear to be running on the remote computer. This may be because a firewall is preventing communication to the remote computer. Please see Help for assistance on configuring remote debugging.
So the first thing we tried was properly set up firewall and open needed ports. After that it still doesn't work.
I've checked which ports msvsmon.exe process listens on and found out it does not use the preferred port 4024 but rather it listens on some random ports.
netstat -abo -p tcp
TCP 0.0.0.0:20031 hostname:0 LISTENING 9920
[msvsmon.exe]
TCP 0.0.0.0:20035 hostname:0 LISTENING 11148
[msvsmon.exe]
Even when remote debugger window falsely states
1.9.2022 14:25:26 Msvsmon started a new server named 'hostname:4024'. Waiting for new connections.
I've also tried starting msvsmon.exe with /port option. GUI says it used this port but in fact it still listens on some random port.
Any idea, why msvsmon starts server on random port instead of the one set in options?
does anyone know what i'm doing wrong here? i'm trying to access my windows-server 2019 ec2 node locally so i can successful collect metrics via WMI Exporter and point this at my prometheus instance.I'm trying to access port 9182 for WMI Exporter, and can connect fine via localhost on my remote widows instance, also the IPv4 Address on the same instance.I've also tried to configure the firewall port on the windows host 9182. When I try to access via localhost this returns This site can’t be reached, if i try via public address on both i get Can’t reach this page. Ive opened port 3389 inbound and all traffic ipv4 outbound. Any help would be great. I have also tried adding RDP Ip directly to the inbound security rules, yet still have the same issue. Many Thanks
After installing windows_exporter, the installer will create an inbound rule for windows_exporter itself. However it may be not enough and cause your issue for some reasons. See this similar issue.
Try to add a new inbound rule for the Windows firewall and let any programs can access the listening port (default 9182). That works for me.
I have two Azure VMs I set up to test a program I made. The program is to be run on both VMs, where synchronous operations are performed, requiring the VMs to communicate with eachother on different ports using TCP protocols. To access my Azure VMs, I SSH'd into them on port 22 using Putty on my local machine. The VMs are on the same subnet, and I am trying to get them to communicate with eachother via their public IP. I have set up both VMs inbound rules to accept messages from eachother on any port, using any protocol here is an example of this.
During the execution of my program, I encounter the following error "Unable to connect to remote host: Connection refused". After this, I did some investigating. First, I had both VMs ping eachother, which they successfully did. Then, on both VMs, I ran the command "telnet other.ip 22", where other.ip is the other VMs public IP. This seems to work, as seen in this image. When I run "telnet other.ip 6000", or any other port besides 22 for that matter, I get the same error of "Unable to connect to remote host: Connection refused". My rational is that if I can get the "telnet" command running on any port, that my program will likely work too.
I am not too sure what my issue could be at this point, and my internet searches have not helped me. I doubt there is an issue of a port being backlogged with communication requests given my current inbound rules. Also, I did try to change my inbound rules so that my VMs would receive messages on any port, using any protocol, from any source, which resulted in the same error (I then changed it back from 'any source' to only my other VMs public IP for security purposes).
According to your description, you may check two points:
If there is any firewall inside the VM that is blocking the connection from the external network with port 6000. For example, if you are using Ubuntu VM, you can refer to How to Set Up a Firewall with UFW on Ubuntu 18.04. Then disable the firewall with the command sudo ufw disable or add a firewall rule to verify this.
Run the command on Linux to see open ports. sudo netstat -tulpn | grep LISTEN. You should see port 6000 in the output. If not, it might mean that your program is not started well.
Let me know if you have any concerns.
Check your firewall rules. If your organization tent to use firewall then add port 6000 in inbound and outbound chain.
you can connect the remote host with port number only when it is in listening state.
sudo netstat -tulpn | grep LISTEN.
I hosting a dedicated Server(win2008 Standart). IIS is installed. There are several Websites bound to different ports(eg SharepointServicesCentralAdministration to 17012).
Every website work well if is bound to port 80 but if i change the port i get timeout (connection via internet) - local it works well.
(Hardware and software firewall are down.)
For some additional test a c# TcpClient Instance is listening on port 12345. If i try connect via internet i get exception:
A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond xxx.xxx.xxx.xxx:12345 - seems the same issue...
Any idea what could be wrong?
You most likely have port 80 forwarded to your machine from your internet bordering router/firewall.
You would need to have the other ports forwarded as well in your router/firewall for these other ports to work.
This also assumes you already opened the local firewall ports as you mentioned above, which is also required!
Is it possible for other computers in the local subnet to connect? Probably only the local subnet is allowed. The setting needed for ip-restrictions has to be installed: http://www.hrzdata.com/node/46