Hi I have a server running on my computer, and the client program tries to connect with my IP address on port 5000 through a TCP connection. How do I get my computer to allow this? I know it has something to do with port forwarding settings but I forget how to do it. I use Verizon if that helps.
It depends on your location / computer / OS which you don't specify. It sounds though like your running a server at home??
To accomplish this in Windows, I would set a rule on my router to allow tcp over 5000 and specify to which local IP address to forward it and on the receiving PC/server in Windows Firewall set a custom rule to again allow tcp 5000.
Related
I have set up a mosquitto-broker on my raspberry pi which I have running on my local network. I've tested this locally using the paho-mqtt package in python which is working, however I want to access this broker remotely (outside my local network).
From what I understand, the safest way to do this is to use TLS-authentication and configure mosquitto to listen on port 8883, rather than opening the un-encrypted 1883 port, where login credentials can be sniffed. This is where my problems start, as I suspect my ISP doesn't allow forwarding port 8883 to the (static) IP-address of my RPi. (Port wont open no matter what I try, and I've tried googling this specific issue.)
So my question is:
Is it possible to use another port than the default 1883 or 8883 (which my ISP hopefully allows to be opened) for accessing my locally hosted mosquitto-broker? For example one of the higher-valued ports, which I understand is not reserved for anything.
I'm imagining connecting to the broker by using my external IP-address with this port (xxx.xxx.xxx.xxx:yyyyy) and either tunneling this data to the 8883-port on the local network, or configuring mosquitto to listen on the selected port. Any tips on how I can solve this issue?
EDIT
Thanks for your answers! I just got off the phone with my ISP, and unfortunately they don't allow opening ANY ports because I live in a university dorm, so opening a different port won't work either. I guess using a cloud broker is the only option.
You can use any ports you want (or that your operating system will permit). MQTT uses certain ports by convention but is not restricted to using those ports. You're even welcome to encrypt on port 1883 if you want.
You'll need to do four things:
write the listener configuration directive correctly to use the port you want to use and make sure that you're listening on 0.0.0.0 in order to listen on all network interfaces, or the IP address of a specific network interface to listen on.
correctly configure encryption after the listener directive
ensure that the port you chose is accessible through any firewall your server may be running
properly configure any clients to use the port you configured and work with the encryption you configured
If you want to make it accessible over the Internet you'll need to open a port on your router as well.
If you do make it accessible over the Internet, please require authentication. Encryption won't stop strangers from connecting to your broker, it will just stop eavesdropping on them. Turn off allow_anonymous and set up some Mosquitto accounts.
i am on a Windows machine and need to connect to an application on a Unix box under a certain port.
i've been told it's open but i'm still having difficulties getting in, is there anything in can do on my end to debug this? how can i check if the port of the Unix server is really open from my IP address?
You can use Telnet.
E.g. telnet example.com 80 to check if the server at example.com accepts connections on port 80.
I gave an answer to following thread. but in the comment a user suggested that network admin can change the default port of http from 80 to something else.
As for as I know if I open a page eg. http://www.example.com without port that means it is running on port 80.
I just want to clarify that is it possible for network admin to change default port?
When using a browser, http://www.example.com will always try and connect to the server's TCP port 80, like it's port 443 for HTTPS connections. These port numbers (defined here) are hard coded in any browser.
Yet a web server can be configured to listen to any other port, which rarely makes sense though. If it does, the browser will be unable to connect (unless the port no. is explicitly given as in http://myserver.com:81).
How Can I Access My Locally Hosted IIS WebSite from Remote Computer By My IP Address ?
You have to check you ip here, make sure that you are forwarding port 80 (especially if you're in a locale home network), and then you could access your server by http://<server_ip> e.g. http://192.168.0.6
Note that as long as you don't have a fixed (static) ip, your ip address might change, and you'll have to recheck it.
Another note- The default HTTP port is 80, and by using port 80 you could access your server via browsers without writing the port number. If for any reason you like to switch port, make sure your forward that port number and access your site by http://<server_ip>:<port_number> , e.g. http://192.168.0.6:8080
if you are using some other port. then you can go with http://<ip_address>:<port_no>
I have a working SSL server implementation, but the problem is that the server is visible only for devices in my local network, and can't be accessed from outside.
Is this a common problem for servers, or have I done something wrong? Could it be my Linux distribution limiting the visibility?
Best regards,
Rat
If you are behind a NAT firewall which most modem/router/switch all-in-one boxes use, then you will need to set up port forwarding on the router.
Port forwarding allows an incoming connection on a port on the WAN side of the modem/router to get forwarded to a LAN computer.
See http://portforward.com/ for help setting up port forwarding.