Note - I am fully aware that there are lot of similar issues posted before, but I tried NSG settings, psping but nothing seem to work
All, I brought up a RHEL7.3 server on Azure and installed JDK1.8 and Tomcat8. After starting Tomcat, I tried an http request from my browser:
http://XX.yy.zz.abc:8080/ but I was unable to get the index page
I also created an inbound security rule to allow HTTP and also allow IP range from our company.
Even worse is, when I tried pinging to this IP from my desktop computer, I am unable to ping the same - it is timing out.
Please note that in the past, I've been able to bring up servers and be able to connect from desktops without any issues - in a similar azure-companynetwork setup.
Am I missing anything here?
Ok, so pings do not work, you shouldn't even try that. What you should check is the firewall on you RHEL VM and check you've allowed port 8080 on you NSG, also your VM should have a PublicIP attached
According to your description, you had better check as the following ways:
1.Please ensure you could access your web by using 127.0.0.1:8080 on your VM.
2.Check your service listening.
netstat -ant|grep 8080
Please ensure 8080 is listening on tcp not tcp6.
3.Open firewall port on RHEL.
sudo firewall-cmd --zone=public --add-port=8080/tcp --permanent
More information about RHEL firewall please refer to this link.
4.Open port on Azure NSG.
NSG could be associated with NIC and subnet, you should check all of them.
All,
It looks like there is an input firewall inside of RHEL7.3 that is preventing connections. I just stopped it using
service firewalld stop
I am able to get the home page.
Related
How to allow http traffic on vast.ai instance? I'd like to host GPU related code using fastAPI+nginx, but I am not seeing NGINX homepage after configuration. I am not seeing bad gateway error. What I am getting is "This site can’t be reached".
After configuration, I wanted to see Nginx homepage. It works on AWS, but when setting the instance on AWS, you get the option of choosing "Allow http/https traffic". On vast.ai, I do not see that.
Ok, so it didn't work by ssh-ing into the instance and running the fastAPI.
I rented another instance with Jupyter Notebook enabled.
So Jupyter + ngrok + uvicorn works. Since vast.ai instance IP isn't accessible, ngrok does the trick by providing a unique ip
new here. I'm currently trying to set up an implementation of Tabula on a Windows Server. I've set up a non-standard port to run the service (port 8090) and have set up firewall rules, but I can't seem to make it work. I've also been assured by the hosting company that they don't filter ports so all possible ports would have been blocked by either the router or the machine itself.
I've also set up port forwarding (with similar settings that work on the router). Didn't work.
I've also tried using port 80, then temporarily turning off the Apache server on that machine so it would free up that port. To no avail, alas.
I've also tried Proxypass, with the same failed results:
<Location /tab>
ProxyPass http://release.123-246.com:8090/
ProxyPassReverse http://release.123-246.com:8090/
</Location>
It works on localhost (127.0.0.1:8090) and local network address (192.168.0.4:8090, but only from within the machine's browser) but can't seem to make it work on live (78.46.210.12:8090)
Pretty sure I'm missing something, but I don't know what it is. Help please? I'm welcome to different approaches on this.
Did you check that Tabula is listening on the appropriate interface?
The version of Tabula that is packaged as a Windows application might not bind to the interface fronted by your reverse proxy.
Try this command to make Tabula listen on all available interfaces:
jruby -G -r jbundler -S rackup -o 0.0.0.0 config.ru
I am currently running a service with systemctl, and it is running as an http proxy, not normal http. Is this something that Google does? I am using port 8080 and I can't connect to it via http. My daemon is using port 8080, while using the type http-proxy (I am seeing this with the command nmap -sV -sC -p 8080 35.208.25.61 -vvvv -Pn). Instead, I want the daemon I'm running (wings.service) to use http, so it can use that type of connection to connect to my panel.
The panel is part of a piece of software along with the daemon, it's called pterodactyl. Anyways, I have tried everything on what to do, and I think this problem that I am addressing is the problem that causes dysfunction on my panel. I might just have to move to a different service to host my bots for discord.
Let me know if there's anything I can do to fix this.
As per I can understand you are unable to access the panel via web URL.
Pterodactyl web server can be installed using NGINX or Apache web servers, and both web servers by default listed on port 80 based on Pterodactyl web server installation guide, so you must enable HTTP port 80 traffic on your Compute Engine VM instance
The default firewall rules on GCP do not allow HTTP or HTTPS connections to your instances. However, it is fairly simple to add a rule that does allow them following this steps:
1.-Go to the VM instances page.
2.- Click the name of the desired instance.
3.- Click Edit button at the top of the page.
4.- Scroll down to the Firewalls section.
5.- Check the Allow HTTP or Allow HTTPS options under your desired VPC network.
6.- Click Save.
Note: The Pterodactyl panel and Daemon installation are not the same for each operating system, if after checking the VPC firewall rules on the VM settings and also the status of the web server in the instance (NGINX or Apache) you still cannot access your panel, please provide a step by step list with all commands you followed to complete the installation, including the OS version you used.
I'm trying to set up a malware analysis lab, following the instructions found here:
https://blog.christophetd.fr/malware-analysis-lab-with-virtualbox-inetsim-and-burp/
In setting up inetsim to simulate internet protocols, I keep getting "http_tcp_80 - failed!" everytime I run it. Changing the port it uses in the configuration file to 8080 causes the it to work. When I run it on a different vm, the configuration works as intended.
I have apache also installed on this vm. Could it be interfering?
Edit: I just installed a new vm to try using inetsim without apache installed. HTTP is reported to be running, but now dns_53_tcp_udp is reported to be failing to start. Trying to browse web pages to bring up inetsim's default page fails, regardless of if I use the FQDN or the IP address. The only time I get the page is with localhost. Otherwise, I get server not found. At least I know its not apache.
The error I get with DNS indicates that the 0.0.0.0 ip is already in use, which doesn't make sense to me since 0.0.0.0 is being used to bind the services to all IPs. Changing the inetsim.conf file so "service_bind_address 10.0.0.0" instead of "service_bind_address 0.0.0.0" seems to run dns, but the browser on both the analysis machine and the victim machine still report no server found.
You should stop the Apache server:
service apache2 stop
It works for me.
I guess there are some other processes listening on those ports.
Use
sudo netstat -tulpn | grep LISTEN
It will print out those processes with their pid. For example, 964 is the pid of the first process in this case:
Check if something is occupying your corresponding ports. Shut them down with
sudo kill -9 <pid>
Of course, the busy processes running on those ports may not in listening states but still be able to cause such a problem. So you can check it with
sudo netstat -tulpn
just in case.
Anyway, it does work for me.
I know how to configure WL to listen for a my IP address instead of localhost. I had done it in past and it worked as well. Today suddenly things are broken, as usual I started my server configured for listening to my IP address and I was not even able to open the WL console.
I thought it could be some proxy issue so I removed all my proxies and then tried but no help. Then just to be double sure I used curl and tried to GET the admin page but still no help.
Then I thought that it could related to some recent firewall blocking rules my company might have pushed so this link and added my port to unblock list for both inbound and unbound rules, but still not help.
Does anyone has any idea whether there is something I can do to debug or rectify this issue. Please note that I have already tried changing my WL listen address to "no address", specific address etc. but it doesn't help, and I have tried netstat -a -n command and I can see there is a connection listening for my IP:port, but in the end I cannot access that connection/socket or in other words I cannot access my WL admin console or my application
I am assuming that your servers and applications are running. But you are not able to access them.
In this case, You can start from here.
1. Verify whether you are able to ping the admin host. If so, see whether telnet is allowed on admin port.
2. Try accessing the console with both FQDN and ip address.
3. If vnc server is configured on your server which is hosting weblogic, try launching chrome from VNC to access weblogic admin console.