I have created a VM instance with windows OS (windows-server-2019-dc-v20200211) in Google cloud.Established RDP connection and installed Jenkins on the VM, but how can I access it from other networks using the VM's external ip?
Could someone help me on this!!
Note: I want to install Jenkins in windows server and not on Linux.
I'll suggest you should check the following:
First, make sure your local firewall on windows server is enabled and allows connections on port 8080. Secondly, Network ACL for both incoming traffic on TCP 8080 and outcoming traffic on TCP port 8080 should be allowed.
Also check some of these stackoverflow use cases for more help: [1]https://superuser.com/questions/1212645/cannot-expose-jenkins-externally [2]https://apple.stackexchange.com/questions/31376/how-can-i-open-port-8080-of-mac-os-x-lion [3] Jenkins server is not accessible by host name (ip address)
Related
Hello sorry for stupid question.. But i have googled it for a week and still can't find the answer.
Currently I'm using Virtualbox for ubuntu server 18.04 and I have installed docker on it. I have run docker apache server by using sudo docker pull httpd and sudo docker run -t --name apache -p 8080:80 httpd
And there is the problem. I can show the website by using curl 127.0.0.1:8080 but i can't access from the other network or other machine in different network.
For instance my virtualbox's ip address is 1.1.1.1 and host pc which is window is 2.2.2.2.
When i ping to each other it all works. But when i try to access 1.1.1.1:8080 from host pc i can't access
What should i check or do to solve this problem.
Thank you
For "1.1.1.1:8080" access on the host- Try opening TCP traffic on port 8080 of your virtual machine with firewall-cmd or an equivalent Ubuntu utility. "1.1.1.1:8080" should then become available on your host server.
For "2.2.2.2:XXXX" access from other devices on your home network(s)- You might need to both route the port of your VM to a port of your host (unless you have a pass-through NIC configured on the VM) on the VM manager plus open an additional firewall on your host server on the host port you've mapped to for access by other devices on your home network. After those steps on the host port "2.2.2.2:XXXX" should be the web server IP accessible by any device on your network(s).
For PUBLIC_IP:PUBLIC_PORT access from outside networks (external to your modem and available to the world)- IPs on your home networks can't be accessed from other networks. Access from other devices on your network is controlled by your firewall on your OS. Access from outside networks is controlled by port forwarding on your modem. I don't recommend port forwarding for a custom app unless you understand some of the security loopholes that can exist on a development web server. But to manage port forwarding go to http://INTERNAL_IP_OF_YOUR_MODEM and you'll get a management interface for managing your port forwarding settings. You'll also see your public IP on your router's management UI or by googling "my ip address".
You can map your modem's IP to an official www web domain with a web domain service like GoDaddy. You can map your internal IPs to internally known web domains by editing /etc/hosts files on the devices on your network.
I'm running virtualbox locally and I've used port forwarding like this
0.0.0.0:7000 -> 0.0.0.0:7000
so that I can do
curl http://localhost:7000
from host to vm and be able to communicate with the application running in the vm and listening to port 7000.
Is it possible to make the reverse? I want to set a port forward to be able to
curl http://localhost:6000
from my vm and be able to communicate with the app that runs on host and listens on port 6000.
I'm using NAT.
I already know about bridged network and about using the network IP of my host. I can't use those. All I'm interested in is the above.
Exclaimer:
The reason of the limitations above is because I'm using dinghy with docker and docker-machine. If I change the network to something else than NAT the setup will break. Moreover I can't use something else than localhost since these are the defaults that the apps have and I need them to communicate as if they were running both on host.
Possible options:
Setup an SSH tunnel with ssh -R, see https://unix.stackexchange.com/questions/46235/how-does-reverse-ssh-tunneling-work
Setup Nginx or Apache reverse proxy on the vm to forward traffic to host.
Force the VM to think localhost is your host ip by adding it to the /etc/hosts file (this has the potential risk of breaking other services that may depend on localhost being 127.0.0.1)
I'm running VirtualBox on a ubuntu (host), the VM i'm using is fedora (guest). VirtualBox is setup to use the NAT network adapter, and I'm able to get to the internet.
i use Port Forwarding to access ssh and the rails web server
port Forwarding Rules
<NAT>
<DNS pass-domain="true" use-proxy="false" use-host-resolver="false"/>
<Alias logging="false" proxy-only="false" use-same-ports="false"/>
<Forwarding name="Rule 1" proto="1" hostport="5679" guestport="22"/>
<Forwarding name="Rule 2" proto="1" hostport="3080" guestport="3000"/>
</NAT>
now i can access internet on guest machine , and i can logging through ssh
but i cannot access the Rails web server on port 3080
i tried :
localhost:3080
10.0.2.15:3080 #the guest IP
what i can do all i need is SSH and internet connection and open the web site i host on gust machine by Browser in host machine
thanks
Just a stab in the dark here but this might be your issue...
When you provision a new Linux Virtual Machine in VirtualBox, the Network settings for that VM are set to 'NAT'. This results in your new VM being assigned a 10.x.x.x address.
Change this setting to Bridged mode, which will assign your VM an address within the same subnet as your host (most likely 192.168.x.x).
Try to connect to the site running on your host.
If you're still not able to access the site running on localhost, confirm the app isn't blocking connections from your new VM. Add a rule in to your access list (possible iptables) permitting tcp port 80 traffic from your VM's address (found using ifconfig).
Happy hunting!
In your VB you have to set network only with host. It is in preferences->network.
Then you can access your virtual machine via 192.168.56.101 from ubuntu. Port forwarding set on this network card. List it with ifconfig. I recommend to use iptables for port redirects.
I installed a Jenkins server on port 8080.
Then I installed GitBlit, which usually takes port 8080 too, so that I changed to port 8082.
On the machine I can call localhost:8082, but from remote 192.168.178.3:8082 is not available.
Jenkins response works on 192.168.178.3:8080
I opened the port on the hardware firewall. Still no response.
The last thing I could image is the Windows firewall, but even after opening the port for TCP for in and out its not working?
Or where do you think the problem is?
If you are using Gitblit GO, the default config for Gitblit GO will bind to localhost and will be unreachable from another machine. Check out server.httpBindInterface and server.httpsBindInterface.
Perhaps you need to do any port forwarding on your hardware firewall?
If you suspect Windows, you can add your program/service to the exception list in you Win Firewall settings. You can make this by going to:
START->Control Panel->Windows Firewall->Windows Firewall with Advanced Security
and modify Inbound and Outbound rules.
I am currently using Ubuntu 10.04 for some rails development. It is installed as a guest machine using VirtualBox on a Windows 7 x64 host.
Within Ubuntu, I am trying to port tunnel several ports from a remote server directly to the Guest OS in order to avoid having to download a remote database.
Let's say I want to forward port 5000 on the remote server to port 5000 on the guest os.
I have set up a forwarder for the port on the Windows side, using VBoxManage.exe. This forwards HostPort 5000 to GuestPort 5000.
Then within ubuntu I run, ssh -L5000:127.0.0.1:5000. However, whenever I try to access "127.0.0.1:5000", I receive the message "channel 7: open failed: connect failed: Connection refused"
Am I missing something?
Thanks for the help!
connect failed: Connection refused
This means that you'r not able to connect to 5000 on the remote end.
If you'r only using this connection from within your guest through your SSH tunnel then you don't need the forward from VBoxManager, as this will open op so that outside computers can connect directly to your guest, it won't help your guest connect to the outside.
Are you sure the server you connect (SSH) to is the same server that runs your database? And is the database running on that server?
When you've connected (SSH) to the server, you can try to list what ports are listening for connections or you could try to connect to the database with telnet. To list listeners you can run "netstat -lnt" (-l shows listening, -n is numeric (show IP and port number) and -t is tcp). You should have a line like "tcp 0 0 0.0.0.0:5000 0.0.0.0:* LISTEN" if you have a service listening for TCP on port 5000. To try and connect you can simply do "telnet 127.0.0.1 5000", if you can't connect with telnet from the server then the database ain't listening/allowing your connection, or the server is running on another port or server.
SSH uses TCP traffic by default, right?
Just to verify, NAT in VirtualBox does have these limitations (per the User Manual):
There are four limitations of NAT mode which users should be aware of:
ICMP protocol limitations: Some frequently used network debugging tools (e.g. ping or tracerouting) rely on the ICMP protocol for sending/receiving messages. While ICMP support has been improved with VirtualBox 2.1 (ping should now work), some other tools may not work reliably.
Receiving of UDP broadcasts is not reliable: The guest does not reliably receive broadcasts, since, in order to save resources, it only listens for a certain amount of time after the guest has sent UDP data on a particular port. As a consequence, NetBios name resolution based on broadcasts does not always work (but WINS always works). As a workaround, you can use the numeric IP of the desired server in the \server\share notation.
Protocols such as GRE are unsupported: Protocols other than TCP and UDP are not supported. This means some VPN products (e.g. PPTP from Microsoft) cannot be used. There are other VPN products which use simply TCP and UDP.
Forwarding host ports lower than 1024 impossible: On Unix-based hosts (e.g. Linux, Solaris, Mac OS X) it is not possible to bind to ports below 1024 from applications that are not run by root. As a result, if you try to configure such a port forwarding, the VM will refuse to start.
Try ssh -L5000:0.0.0.0:5000 instead of ssh -L5000:127.0.0.1:5000
There is something called a "loopback" that is tangled up with 127.0.0.1 that will cause you grief if trying to access ports from a different machine. I.e. your host machine.