Cannot trickle ICE server using external IP, Coturn server in Ubuntu - nat

I have setup Coturn server from Url https://www.webrtc-experiment.com/docs/TURN-server-installation-guide.html#coturn in Ubuntu.
Turnserver is working fine using local-ip, but when I try to trickle using exernal-ip I get error Not reachable?
If I access turnserver from browser url I can access it using external-ip. I get message.
TURN Server
https admin connection
To use the HTTPS admin connection, you have to set the database table _admin_user_ with the admin user accounts.
My turnserver.conf looks like:
user=test:test123
listening-port=3478
tls-listening-port=5349
listening-ip=192.168.22.101
relay-ip=192.168.22.101
external-ip=202.137.12.10
realm=yourdomain.com
server-name=yourdomain.com
lt-cred-mech
userdb=/etc/turnuserdb.conf
cert=/etc/ssl/my-certificate.pem
pkey=/etc/ssl/my-private.key
no-stdout-log
I am starting turn server using command:
sudo turnserver -a
And I try to trickle using below format:
turn:202.137.12.10:3478[test:test123]
Trickle: https://webrtc.github.io/samples/src/content/peerconnection/trickle-ice/
Please tell me where I am going wrong.

I got what was wrong, it turned out to be that UDP port 3478 was blocked. Also I was able to get trickle if I used TCP protocol (turn:?transport=tcp[username:password])

Related

How to configure ngrok for SQL Server access

I would like to test a website in development hosted in a remote location against a sql server instance on my local machine. I was thinking I could run ngrok locally and update the connection string on the remote website appropriately, but I'm not sure what parameters I need to specify.
I've tried ngrok tcp 12345 and ngrok http 12345
In SQL Server Configuration Manager I've enabled TCP/IP for the SQL Express instance I want to use and set the port to listen on to 12345 (actually, a different number, but we'll say 12345 for the sake of this post). And I then restarted SQL Server.
I don't believe it's necessary for me to make holes in the firewall, but just in case I've temporarily disabled it entirely while I test this.
To test locally, I am taking the url ngrok provides and putting it in the connection dialog in SQL Management Studio, but I can't get it to connect.
What am I missing?
Set up Ngrok
Run ngrok on tcp on the SQL port (by default is 1433)
ngrok tcp 1433
You will get an url like tcp://3.tcp.ngrok.io:12345
In the "Connect to Server Dialog" type:
Server name: 3.tcp.ngrok.io,12345 Notice the comma between the port and the url. Type the url without tcp://
Login: your regular user, in my case sa and your password
Connect
The "URL" that ngrok generates for a TCP tunnel probably shouldn't be used unmodified. The tcp:// scheme part isn't a URI scheme in common use I don't think. Only the hostname and port part of the generated ngrok "URL" would be useful in a SQL Server connection configuration.
Not being intimately familiar with the referenced connection dialog in SQL Management Studio, it's hard to say exactly what input is expected, but maybe stripping out the tcp:// scheme will do the trick?

When I run my daemon the service is a http proxy instead off http

I am currently running a service with systemctl, and it is running as an http proxy, not normal http. Is this something that Google does? I am using port 8080 and I can't connect to it via http. My daemon is using port 8080, while using the type http-proxy (I am seeing this with the command nmap -sV -sC -p 8080 35.208.25.61 -vvvv -Pn). Instead, I want the daemon I'm running (wings.service) to use http, so it can use that type of connection to connect to my panel.
The panel is part of a piece of software along with the daemon, it's called pterodactyl. Anyways, I have tried everything on what to do, and I think this problem that I am addressing is the problem that causes dysfunction on my panel. I might just have to move to a different service to host my bots for discord.
Let me know if there's anything I can do to fix this.
As per I can understand you are unable to access the panel via web URL.
Pterodactyl web server can be installed using NGINX or Apache web servers, and both web servers by default listed on port 80 based on Pterodactyl web server installation guide, so you must enable HTTP port 80 traffic on your Compute Engine VM instance
The default firewall rules on GCP do not allow HTTP or HTTPS connections to your instances. However, it is fairly simple to add a rule that does allow them following this steps:
1.-Go to the VM instances page.
2.- Click the name of the desired instance.
3.- Click Edit button at the top of the page.
4.- Scroll down to the Firewalls section.
5.- Check the Allow HTTP or Allow HTTPS options under your desired VPC network.
6.- Click Save.
Note: The Pterodactyl panel and Daemon installation are not the same for each operating system, if after checking the VPC firewall rules on the VM settings and also the status of the web server in the instance (NGINX or Apache) you still cannot access your panel, please provide a step by step list with all commands you followed to complete the installation, including the OS version you used.

Connect to a remote Jupyter runtime over HTTPS with Google Colab

I'm trying to use Google's Colab feature to connect to a remote run-time that is configured with HTTPS. However, I only see an option to inform the port on the UI, not the protocol.
I've checked the Network panel and the website starts a WebSocket connection with http://localhost:8888/http_over_websocket?min_version=0.0.1a3, HTTP-style.
Full details of my setup:
I have a public Jupyter server at https://123.123.123.123:8888 with self-signed certificate and password authentication
I've followed jupyter_http_over_ws' setup on the remote
I started the remote process with jupyter notebook --no-browser --keyfile key.pem --certfile crt.pem --ip 0.0.0.0 --notebook-dir notebook --NotebookApp.allow_origin='https://colab.research.google.com'
I've created a local port forwarding with ssh -L 8888:localhost:8888 dev#123.123.123.123
I've turned on network.websocket.allowInsecureFromHTTPS on Firefox
I've went to https://localhost:8888 and logged in
Naturally, when the UI calls http://localhost:8888/http_over_websocket?min_version=0.0.1a3 it fails. If I manually access https://localhost:8888/http_over_websocket?min_version=0.0.1a3 (note the extra s) it gets through.
I see three options to solve it:
Tell the UI to use secure WS connection
Run a proxy on my local machine to transform the HTTPS into plain HTTP
Turn off HTTPS on my remote
The last two I think will work, but I wouldn't like that way.
How to do #1?
Thanks a lot!
Your option 1 isn't possible in colab today.
Why do you want to use HTTPS over an SSH tunnel that already encrypts forwarded traffic?

unable to ping/send http requests to RHEL tomcat server on Azure

Note - I am fully aware that there are lot of similar issues posted before, but I tried NSG settings, psping but nothing seem to work
All, I brought up a RHEL7.3 server on Azure and installed JDK1.8 and Tomcat8. After starting Tomcat, I tried an http request from my browser:
http://XX.yy.zz.abc:8080/ but I was unable to get the index page
I also created an inbound security rule to allow HTTP and also allow IP range from our company.
Even worse is, when I tried pinging to this IP from my desktop computer, I am unable to ping the same - it is timing out.
Please note that in the past, I've been able to bring up servers and be able to connect from desktops without any issues - in a similar azure-companynetwork setup.
Am I missing anything here?
Ok, so pings do not work, you shouldn't even try that. What you should check is the firewall on you RHEL VM and check you've allowed port 8080 on you NSG, also your VM should have a PublicIP attached
According to your description, you had better check as the following ways:
1.Please ensure you could access your web by using 127.0.0.1:8080 on your VM.
2.Check your service listening.
netstat -ant|grep 8080
Please ensure 8080 is listening on tcp not tcp6.
3.Open firewall port on RHEL.
sudo firewall-cmd --zone=public --add-port=8080/tcp --permanent
More information about RHEL firewall please refer to this link.
4.Open port on Azure NSG.
NSG could be associated with NIC and subnet, you should check all of them.
All,
It looks like there is an input firewall inside of RHEL7.3 that is preventing connections. I just stopped it using
service firewalld stop
I am able to get the home page.

The server rejected SFTP connection, but it listens for FTP connections

When I use WinSCP in Windows to connect to VMware with Ubuntu, it prompted this:
The server rejected SFTP connection, but it listens for FTP connections.
Did you want to use FTP protocol instead of SFTP? Prefer using encryption.
What's the matter?
I can succeed to ping Ubuntu in Windows.
The fact that you can ping the server has nothing to do with what protocols it supports.
The message says that the server does not listen on port 22 (SSH, SFTP), but listens on port 21 (FTP). The point of the message is that WinSCP defaults to SFTP protocol, what is not common. So it tries to help users who expect FTP to be a default. But that's not relevant to you apparently.
As #ps2goat suggested, make sure you setup SSH/SFTP server.
For more details, see the documentation for the error message The server rejected SFTP connection, but it listens for FTP connections.
If you see this error all of a sudden (when SFTP has always worked for you for this particular server), and if you are using CSF (ConfigServer Security & Firewall), then it might be that your IP was blocked for SSH access. Try flushing all blocks. Also, try restarting the SSH server.
Old question but still responding so others might get benefited.
I stumbled upon this error and the first thing I checked was if my ubuntu machine had ssh installed. It was there and the latest version and I still would get this error.
As long as you have ssh access to the target, check the ssh service status and most certainly it'd be found inactive. Turn it on using
sudo service ssh restart
and you should be back in the game.
Do check the status of the SFTP by using
sudo service ssh status
and take any corrective action.

Resources