There is a issue with xrdp that is not able to paste a password https://github.com/neutrinolabs/xrdp/issues/816 so I gave my ubuntu hyper-v image a fixed ip so I can connect using regular remote desktop so the password can saved and passed in. But when I try to connect to my ubuntu hyper-v image already running xrdp, I am not able to. Connection denied. I log in using the Hyper-V manager to go check if it is listening on port 3389.
netstat -an | grep "LISTEN " | grep ":3389"
The above returns nothing.
It turns out that Hyper-V Quick start overrides the port to use a vsock which makes it work with Hyper-V Manager but it is not compatible with regular RDP.
/etc/xrdp/xrdp.ini
port=3389
; 'port' above should be connected to with vsock instead of tcp
use_vsock=true
Save a checkpoint on the HyperV manager just in case you lose connectivity. Change the above from true to false, save then restart VM. (I tried just restaring the xrdp agen sudo /etc/init.d/xrdp restart but this left me with a black screen on the new session so I had to restart anyway)
The downside to this is that you will no longer be able to connect from the Hyper-V manager. The upside is that you will not have to type in your password every time.
Related
I had setup a WSL2 Ubuntu. Now I am running a local SQL Server instance on the 1401 port using Docker.
Container port:
0.0.0.0:1401->1433/tcp
I would like to connect this instance from SSMS but I am getting following error:
Server name: localhost, 1401
Error:
Cannot connect to localhost,1401.
A network-related or instance-specific error occurred while
establishing a connection to SQL Server.
The server was not found or was not accessible. Verify that the
instance name is correct and that SQL Server is configured to allow
remote connections.
(provider: TCP Provider, error: 0 - The wait operation timed out.)
(Microsoft SQL Server, Error: 258)
[Solution]
I am able to connect it via the WSL2 IP. I run "hostname -I" command in WSL2 and use the same IP in SSMS. And, I am able to make a connection
First question -- Is there a VPN running/connected in Windows? If so, ignore the rest of this and suspect that first. Make sure the VPN is not running, stop Docker, issue a wsl --shutdown, restart and try again.
Assuming that's not the problem ...
Normally, WSL2 provides a feature known as "localhost forwarding" which allows services/apps on Windows to communicate with the virtualized WSL2 IP using localhost. It essentially takes any localhost traffic that isn't directed to a port bound under Windows and forwards it to the Hyper-V virtual network for WSL2.
All WSL2 instances (including the Docker instance) share the same WSL2 network interface as they are all running in the same virtual machine/kernel.
So you seem to be doing the right thing in attempting to connect to localhost from SSMS.
But ... sometimes that localhost forwarding breaks. There are two common (related) scenarios that can cause this (and perhaps others):
Hibernation of the Windows host
Having Windows Fast Startup enabled in Power Manager
First check to make sure you can access 1401 from within WSL2:
nc -zv localhost 1401
^^^ assumes netcat is installed, which it is by default in the WSL2 Ubuntu distribution. For other distributions, install it or check connectivity via other methods.
If that doesn't succeed, then I'd suspect some configuration issue in SQL Server.
If that does succeed, then run the same test from the Windows host in PowerShell:
Test-NetConnection -ComputerName "localhost" -Port 1401
If that doesn't succeed, then I'd suspect a localhost forwarding issue.
Side note: I'm assuming you are running Docker Desktop, but if you are just running Docker Engine in a WSL2 instance, that's no problem. Just ignore the Docker Desktop instructions below.
First, check if you have a /etc/wsl.conf in any of your running WSL2 instances that mention disabling localhostForwarding. I'm assuming no, since that is not the default. However, if you happen to, make sure you set these to true.
Stop all WSL2 services, instances, shells, apps, etc. (including Docker Desktop)
From PowerShell:
wsl --shutdown
Then restart Docker Desktop and/or your container and try again
If localhost doesn’t work, try use [::1] in the server name. In WSL2, port 1433 is using IP/TCPv6, SSMS some times is not able to resolve localhost to loopback IP [::1].
Source: https://jayfuconsulting.wordpress.com/2020/11/14/sql-server-2019-docker-wsl-2/
One last thing which you could try is to modify the windows host file. I almost tried all the steps mentioned over different link, but all goes in vain. Then I opened the host file which could be accessed using
C:\Windows\System32\Drivers\Etc
Open the host file and uncomment(remove # sign) from the localhost name resolution section
I have an asp.net core that connects to a SQL Server. When I run it in docker on my local computer everything works as expected, but when run the docker image on a linux server (centos 8) i get a network error when trying to connect to the database. I don't know what to do, since I used the actual server's ip in the connection string and it still does not work.
Thank you a lot
You should configure the firewall correct and watch if SELinux is blocking you in some way.
Just to speed up your testing, try after these commands:
sudo su -
systemctl disable firewalld
setenforce 0
I'm trying to add a postgresql database as a datasource in IntelliJ IDEA Ultimate.
I've worked with a datasource through ONE ssh tunnel already. But now the database server is behind a firewall which only accepts ssh connections from a management server. The only way to access the db server goes over the management server.
So I (or IntelliJ) have to connect via ssh to this server and then, by using another user, tunnel via ssh to the database server.
Everything clear? :-D
The problem is, that IntelliJ offers only to configure one ssh tunnel. But after the first tunnel I need to use a second one, to finally connect to the database server...
Any Ideas?
Thx in advance.
I'd create a local port forward using OpenSSH or any similar tool which will forward 127.0.0.1:2222 to firewall:22 via the Management Server, then use IntelliJ IDEA tunnel configuration to 127.0.0.1:2222 like you would do with the single tunnel.
ssh -L 127.0.0.1:2222:firewall:22 <management server>
You can configure an External Tool to automate this process. On Windows machine I had great experience with Bitvise SSH Client for creating tunnels/port forwards and starting them automatically.
ssh supports your scenario out of the box. The trick is to create two entries in your ~/.ssh/config file for the management server, one for your-user and one for special-user. Then use ProxyJump to chain your connections together.
So, start by setting up a Host section for the management server and the user your are connecting to from your local machine:
Host mgmt
HostName management.server.com
User your-user
...
Then, set up a Host for the user on the management server that you will be logging in as:
Host mgmt-special-user
HostName management.server.com
User special-user
To this same host, add a directive to tell ssh to create a tunnel to your DB:
LocalForward <free-port-on-your-box> <db-ip-or-host>:<db-port>
Then tell ssh that this host can be reached from the first host:
ProxyJump mgmt
You can now ssh mgmt-special-user from your local machine. ssh will automatically jump through the mgmt host, and will also automatically extend the tunnel through mgmt and back to your local machine.
ProxyJump (-J) was added in OpenSSH 7.3 (released in 2016).
I have to connect to a fresh SQL Server Express 2017 on a machine not part of my domain. I have configured
Mixed Mode Installation with sa with password
SSMS -> Server -> Properties -> Connections -> Allow remote connections
SQL Configuration Manager -> Instance "EXPRESS2017" -> TCP/IP: Enable and Active and Port 1438
Restarted the "SQL Server (EXPRESS2017)" service.
I now tried to access from a remote computer, and got a timeout. I then tried to connect from the local SSMS, which works without special settings, but when under options, forced "Protocol: TCP/IP" is set, with the same credentials as before, I also got a timeout.
So am I right that I can rule out the firewall or problems finding the instance, and everything points towards a configuration issue in TCP/IP protocol, or did I overlook some setting?
EDIT: I have disabled Windows firewall, and no other firewall is installed on the computer. I have restarted the computer. I also found this article about PortQry and had a check - locally:
C:\Users\Administrator\Downloads>PortQry.exe -n 172.17.41.124 -p UDP -e 1434
Querying target system called:
172.17.41.124
Attempting to resolve IP address to a name...
IP address resolved to WIN-AECL8CJVS7E.test.local
querying...
UDP port 1434 (ms-sql-m service): NOT LISTENING
EDIT: I have run NETSTAT and it seems no port in the 14xx range is open at all, although the SQL Server Browser service is running. I must be missing something there...
You did not show your connection string, but I suppose you use your instance name here.
In order to connect to SQL Server the network library has to know 2 things: IP address and a port. Your instance is named and uses non-default port 1438.
So your connection string should use 172.17.41.124,1438 as server name, or, alternatively, you can use instance name like this: 172.17.41.124\EXPRESS2017 but SQL Server Browser should run.
In our enterprise I don't have access to MSSQL Server, so I can'r access the system tables.
What works for me is:
capture the network traffic Wireshark (run as Administrator, select Network Interface),while opening connection to server.
Find the ip address with ping
filter with ip.dst == x.x.x.x
The port is shown in the column info in the format src.port -> dst.port
If you have elevated rights to SQL but not the OS, you can query the log.
If you don't have access to the OS but can run queries, perhaps try:
USE master
GO
xp_readerrorlog 0, 1, N'Server is listening on'
GO
If you don't have elevated rights to SQL, from the client-side windows machine with an active connection, you could run a netstat command and see on which ports you are connected to the target. Filter on IP address of the host.
netstat -an | find "10.1.10.xxx"
You'll see that I have connections to the host on 3389 and 1433. Maybe this helps narrow it down.