I am using docker 19.03.5 in my ubuntu 18.04. Usually, I can access all the containers. Everything is ok but the real problem arises when I connect my machine to a VPN client(Cisco anyconnect). I can not access any containers while as soon as I connected to the VPN. Is there any way so that I can access docker containers even connected to a VPN?
I have faced this problem and tried all possible solutions available in Internet, but nothing worked. It looks like Cisco Anyconnect vpn takes an exclusive control over the routing of the system and any changes made are not showing any effect.
The following worked for me. Instead of Cisco Anyconnect, use OpenConnect VPN. Both uses same protocol. To download:
sudo apt install openconnect network-manager-openconnect network-manager-openconnect-gnome
Reboot your PC and then go to VPN Settings -> Multi-protocol VPN client (open connect) and provide the settings as per your organisation requirement.
That's because the VPN is configured to use full-tunelling. The network administrator should configure a split-tunnelling profile.
Full tuneling:
[PC] ---> [VPN] ---> { all networks
Split Tunneling:
[PC] ------> [VPN] ---> [Configured networks]
\-----> [Internet / other networks]
Another thing you can try is editing the routes.
You can add a route pointing to your container IP and specifying the good network adapter, then you have to set a higher priority on this route than on the default gateway of the VPN.
This issue is not related to Docker daemon / container settings. VPN server configuration is to blame (disabled split-include or prohibited local network access).
Because of that you have limited options how to resolve this:
Ask VPN server administrator to allow split-include (mikrotik terminology)
Check anyconnect client settings for something like "route all traffic thru VPN" and disable it
Create custom static routing on your machine to access specific IP range (servers behind VPN server) thru interface created by anyconect client
Related
I am looking to setup AzerothCore for LAN only use.
I am using an ESXi install with an Ubuntu 20.4.3 instance with latest Docker and Portainer for management. I am able to walk through the install process and it works great.
I switched the realmlist in the database to the LAN IP via HeidiSQL, setting both address and localaddress to LAN IP. I have tried just address and localaddress, leaving the other at 127.0.0.1.
I am using a fresh client install and set realmlist there too. I have tried both the dns and the IP, currently set to LAN IP.
I have not touched the compose file or modified authserver or worldserver config files. I am not certain where to look or what to change.
I am able to login with the ID I created all the way to see the Realm, which I select and hit enter. After a short pause the client screen returns to the realm selection screen. Not knowing the backend, I am not sure what is missing now.
I've developed a Grails application and I want my coworkers to be able to test it. They are on my network so I figure they can access it by using my IP address and the port number (8080). I've tried running it according to the steps laid out here and here to no avail.
I noticed that whenever I run the program, even when I follow those instructions, it says:
Grails application running at http://localhost:8080 in environment: development
Basic networking stuff here.
When something starts on interface 127.0.0.1 port something
Usually that port is then available for all the interfaces on the machine
if you run netstat -plant you will see running ports open on the machine.
Basically what ever ipconfig or ifconfig tells under Linux as your internal interface something like 192.168.1.x
The app is then available on http://192.168.1.x:8080
If you can't access it from other machines on network start by trying to ping {your machine ip}
It sounds like network security stopping local access from 1 machine accessing another.
Or even better still your good old MS firewall try stopping your security stuff on your desktop
It's not clear if you can access the app yourself on your own machine? It should be available at:
http://localhost:8080/appname
Your co-workers should be able to access the app by changing localhost to your computer name:
http://mycomputername:8080/appname
Possible to Change Jenkins URL? : http://localhost:8080
Currently I have jenkins setup on a virtual machine.
Is it possible to setup Jenkins on a URL which is more is accessible for other users?
For example I dont want other users to access test results by connecting to the Virtual machine instead I want them to access a URL from their own device in turn enabling them to login and see test results via jenkins.
thanks for you help
Let's say IP of your virtual machine is 192.168.x.x.
Open the Port 8080 via firewall and then change the URL of jenkins from
"Manage Jenkins >>Config Sys >> Jenkins Location>" to "http://192.168.x.x:8080"
Now you can access it from other machine on same network domain.Just have to hit the url http://192.168.x.x:8080
You can now create different users with different privileges for the same.
You can find it under Manage Jenkins >> Manage Users >> Create Users.
It is related to networking. The machines should be on the same network, so they can talk to each other (unless you have public IP).
The ONLY rule to give access is, that machines can talk to each other (of course, in their language, 0's & 1's).
I suggest following things to do to share the URL:
Ask the users to connect to the same network that your machine is in.
Verify whether they are able to PING your machine IP (get it from ipconfig command for windows - router assigns IP for your machine, that starts with 192.168 or 10.10). command example: ping 10.10.1.10
If any issues in Ping, it might be Windows Firewall or Anti-virus which might be blocking, so allow the IPs in your firewall so they can access your machine.
Then ask them to access Jenkins using the following URL http://[IP of your machine:8080]
We want the Jenkins web interface to be accessible from anywhere (not
just on the local machine), so we’re going to open up the config file:
sudo nano /usr/local/opt/jenkins-lts/homebrew.mxcl.jenkins-lts.plist
Find this line:
<string>--httpListenAddress=127.0.0.1</string>
And change it to:
<string>--httpListenAddress=0.0.0.0</string>
RF : Installing Jenkins on macOS
I have created a VM which has a server running at localhost:8675/ which I had wanted to connect to my host machine at the same port for ease of understanding. I was following these to documents for information:
https://www.virtualbox.org/manual/ch06.html
http://www.howtogeek.com/122641/how-to-forward-ports-to-a-virtual-machine-and-use-it-as-a-server/
When I was in my VMWare Workstation, I clicked on my VM, then did: Edit > Virtual Network Editor. After that, enabled Change Settings which relaunched the window in admin mode. I clicked on the Row with Type NAT and external Connection NAT and in the VMNet Information with the NAT radio button pressed, I clicked the NAT Settings Button.
I said: Add... and then did:
Host: 8675
Type: TCP
VMIP: 127.0.0.1:8675
Description: Port Foward of 8675 from Host to VM.
It looks like everything is good. I say Ok and Apply in succession. It looked like it shut down nat and restarted some services.
I confirmed in the VM, the 127.0.0.1:8675 is correct.
In the HOST, I tried to go to: http://localhost:8675/ and it says: ERR_CONNECTION_REFUSED
I figured this was all I needed to do.
I was looking up some additional information and noticed that some people have had to configure firewalls. I wasnt sure if i needed to though, as I was thinking that the HOST and VM are all in 1 actual machine, it might be entirely self contained.
Is there a critical task I am missing?
I saw this post: https://superuser.com/questions/571196/port-forwarding-to-a-vmware-workstation-virtual-machine
which told me to just adjust it to bridged and use it that way. Does this solve the issue of connecting HOST / VM Issue.
I don't want to say this is the correct answer though as the question itself is particular to NAT, but this is a valid alternative answer that does work.
This is solves the base issue at hand, but not the question.
When you use NAT, the host system and the guest boxes have completely different IP addresses on their virtual subnet, so my guess is that when from the host system you try to connect to localhost:8675 you are actually trying to connect to port 8675 of the host and not of the guest. So don't use the localhost or 127.0.0.1 syntax, but discover the real IP address of the guest and use it.
If your guest is Windows use the ipconfig command, if Linux use ifconfig.
Probably you will also have to configure the firewall on the guest side.
EDIT:
Commenting the sentence "NAT: Used to share the host's IP address.": it probably refers to the IP address of the real ethernet adapter you have on your host and that is shared by host and guests to access the internet. That's not related to the way your host and guests communicate together. For example I use VMware Workstation to run a virtual Linux box in Windows. Selecting NAT, VMware creates a virtual subnet called VMnet8. In this subnet the virtual router has address 192.168.120.0, my Windows host is assigned a virtual ethernet adapter with address 192.168.120.1 and my Linux guest has got address 192.168.120.128. So when I want to access a Samba shared folder from Windows I type "net use * \192.168.120.128" in a Windows command prompt. When I want to access a Windows shared folder from Linux I type "sudo mount.cifs //192.168.120.1/path_to_shared_folder target_folder".
I believe you actually answered your question correctly as I was following it and achieved desired outcome.
IMHO, the error: ERR_CONNECTION_REFUSED indicates that a firewall on your host OS or guest OS (your VM) or on both doesn't allow the communication through the given ports.
The easiest thing would be to try to disable firewalls on boths, your HOST and GUEST OS.
Not sure what are your OSes, but here is just a good guide for setting up firewall rules on Ubuntu
I have to periodically administer my parent's Linux computer, because they are too old to understand how to do this themselves. Computer is in the remote location. I always used ssh through the port forwarding on the router. However, their provider recently removed the ability to make any inbound connection and my ssh doesn't connect any more.
My question is: what is the next best way to administer it?
I know that VPN can possibly be used. I can (maybe) set up VPN network with this computer.
Also I can make it try to connect with ssh to my home computer on a particular port for ex. every 15 minutes, establishing the port forwarding back to it. Custom shell script should be used for this.
But what are the alternatives?
Any other, nicer way to be able to connect to this Linux machine from outside?
Similar to your suggestion: get your parents to run a script (all they would have to do is double click something) which ssh's to your computer, and then run back on that?