Mosquito Server Refuses Connections Ubuntu 18.04
This is a fairly narrow issue, but I'm hoping the Ubuntu group can help. I asked on SO, but I am fairly sure the error I am getting is due to a missing setting in Ubuntu or an issue with my router port. I don't know how to debug this.
I installed Mosquitto on my Ubuntu 18.04 system. It operates on port 1883 by default. You can specify the exact port either on the command line or in the config file. I've tried many variations:
I opened port 1883 in the firewall via the ufw. That seems correct:
mark_admin:~$ sudo ufw status
Status: active
To Action From
-- ------ ----
1883 ALLOW Anywhere
5900 ALLOW Anywhere
1883 (v6) ALLOW Anywhere (v6)
5900 (v6) ALLOW Anywhere (v6)
I am able to connect to it from another computer on the local network. But when I try to open a connection from the "outside world" using the computer's actual IP address, I get a "No connection could be made because the target machine actively refused it" Error.
I forwarded the port in my router (a TP-Link AC1200).
TP-LINK PORT FORWARDING
I'm not sure how to trace this to ground...
Has anyone successfully run Mosquitto Server and had connections coming in on Ubuntu 18.04?
Is there anyway I can test the port to see if it is allowing traffic to come in via the internet?
firewall port-forwarding
New contributor
add a comment |
This is a fairly narrow issue, but I'm hoping the Ubuntu group can help. I asked on SO, but I am fairly sure the error I am getting is due to a missing setting in Ubuntu or an issue with my router port. I don't know how to debug this.
I installed Mosquitto on my Ubuntu 18.04 system. It operates on port 1883 by default. You can specify the exact port either on the command line or in the config file. I've tried many variations:
I opened port 1883 in the firewall via the ufw. That seems correct:
mark_admin:~$ sudo ufw status
Status: active
To Action From
-- ------ ----
1883 ALLOW Anywhere
5900 ALLOW Anywhere
1883 (v6) ALLOW Anywhere (v6)
5900 (v6) ALLOW Anywhere (v6)
I am able to connect to it from another computer on the local network. But when I try to open a connection from the "outside world" using the computer's actual IP address, I get a "No connection could be made because the target machine actively refused it" Error.
I forwarded the port in my router (a TP-Link AC1200).
TP-LINK PORT FORWARDING
I'm not sure how to trace this to ground...
Has anyone successfully run Mosquitto Server and had connections coming in on Ubuntu 18.04?
Is there anyway I can test the port to see if it is allowing traffic to come in via the internet?
firewall port-forwarding
New contributor
How do you define "the computer's actual IP address" in this context? The point of port forwarding is to route traffic from your router's WAN IP address to the private LAN IP address - the LAN IP has no significance on the "out"side
– steeldriver
4 hours ago
@steeldriver: What I meant is the address I would get from "WhatsMyIP" (i.e. 96.221.154.134) as opposed to the local address of 192.168.0.155. But I am wondering now if I need to do the port forwarding at the Version Router, not my TP-Link. Because that is what actually faces the outside world. I'm not sure. I don't know servers and routers real well.
– MarkJoel60
2 hours ago
Hmm... so you have multiple NAT routers between you and the public network? or is one configured as a plain switch?
– steeldriver
2 hours ago
On the TP-link, when you login to it, can you look and see if there is as status page or anything for "WAN" and if it lists an IP address there? What is it? That can help us tell if there is more than one layer of NAT to deal with here.
– Azendale
2 hours ago
add a comment |
This is a fairly narrow issue, but I'm hoping the Ubuntu group can help. I asked on SO, but I am fairly sure the error I am getting is due to a missing setting in Ubuntu or an issue with my router port. I don't know how to debug this.
I installed Mosquitto on my Ubuntu 18.04 system. It operates on port 1883 by default. You can specify the exact port either on the command line or in the config file. I've tried many variations:
I opened port 1883 in the firewall via the ufw. That seems correct:
mark_admin:~$ sudo ufw status
Status: active
To Action From
-- ------ ----
1883 ALLOW Anywhere
5900 ALLOW Anywhere
1883 (v6) ALLOW Anywhere (v6)
5900 (v6) ALLOW Anywhere (v6)
I am able to connect to it from another computer on the local network. But when I try to open a connection from the "outside world" using the computer's actual IP address, I get a "No connection could be made because the target machine actively refused it" Error.
I forwarded the port in my router (a TP-Link AC1200).
TP-LINK PORT FORWARDING
I'm not sure how to trace this to ground...
Has anyone successfully run Mosquitto Server and had connections coming in on Ubuntu 18.04?
Is there anyway I can test the port to see if it is allowing traffic to come in via the internet?
firewall port-forwarding
New contributor
This is a fairly narrow issue, but I'm hoping the Ubuntu group can help. I asked on SO, but I am fairly sure the error I am getting is due to a missing setting in Ubuntu or an issue with my router port. I don't know how to debug this.
I installed Mosquitto on my Ubuntu 18.04 system. It operates on port 1883 by default. You can specify the exact port either on the command line or in the config file. I've tried many variations:
I opened port 1883 in the firewall via the ufw. That seems correct:
mark_admin:~$ sudo ufw status
Status: active
To Action From
-- ------ ----
1883 ALLOW Anywhere
5900 ALLOW Anywhere
1883 (v6) ALLOW Anywhere (v6)
5900 (v6) ALLOW Anywhere (v6)
I am able to connect to it from another computer on the local network. But when I try to open a connection from the "outside world" using the computer's actual IP address, I get a "No connection could be made because the target machine actively refused it" Error.
I forwarded the port in my router (a TP-Link AC1200).
TP-LINK PORT FORWARDING
I'm not sure how to trace this to ground...
Has anyone successfully run Mosquitto Server and had connections coming in on Ubuntu 18.04?
Is there anyway I can test the port to see if it is allowing traffic to come in via the internet?
firewall port-forwarding
firewall port-forwarding
New contributor
New contributor
New contributor
asked 5 hours ago
MarkJoel60MarkJoel60
32
32
New contributor
New contributor
How do you define "the computer's actual IP address" in this context? The point of port forwarding is to route traffic from your router's WAN IP address to the private LAN IP address - the LAN IP has no significance on the "out"side
– steeldriver
4 hours ago
@steeldriver: What I meant is the address I would get from "WhatsMyIP" (i.e. 96.221.154.134) as opposed to the local address of 192.168.0.155. But I am wondering now if I need to do the port forwarding at the Version Router, not my TP-Link. Because that is what actually faces the outside world. I'm not sure. I don't know servers and routers real well.
– MarkJoel60
2 hours ago
Hmm... so you have multiple NAT routers between you and the public network? or is one configured as a plain switch?
– steeldriver
2 hours ago
On the TP-link, when you login to it, can you look and see if there is as status page or anything for "WAN" and if it lists an IP address there? What is it? That can help us tell if there is more than one layer of NAT to deal with here.
– Azendale
2 hours ago
add a comment |
How do you define "the computer's actual IP address" in this context? The point of port forwarding is to route traffic from your router's WAN IP address to the private LAN IP address - the LAN IP has no significance on the "out"side
– steeldriver
4 hours ago
@steeldriver: What I meant is the address I would get from "WhatsMyIP" (i.e. 96.221.154.134) as opposed to the local address of 192.168.0.155. But I am wondering now if I need to do the port forwarding at the Version Router, not my TP-Link. Because that is what actually faces the outside world. I'm not sure. I don't know servers and routers real well.
– MarkJoel60
2 hours ago
Hmm... so you have multiple NAT routers between you and the public network? or is one configured as a plain switch?
– steeldriver
2 hours ago
On the TP-link, when you login to it, can you look and see if there is as status page or anything for "WAN" and if it lists an IP address there? What is it? That can help us tell if there is more than one layer of NAT to deal with here.
– Azendale
2 hours ago
How do you define "the computer's actual IP address" in this context? The point of port forwarding is to route traffic from your router's WAN IP address to the private LAN IP address - the LAN IP has no significance on the "out"side
– steeldriver
4 hours ago
How do you define "the computer's actual IP address" in this context? The point of port forwarding is to route traffic from your router's WAN IP address to the private LAN IP address - the LAN IP has no significance on the "out"side
– steeldriver
4 hours ago
@steeldriver: What I meant is the address I would get from "WhatsMyIP" (i.e. 96.221.154.134) as opposed to the local address of 192.168.0.155. But I am wondering now if I need to do the port forwarding at the Version Router, not my TP-Link. Because that is what actually faces the outside world. I'm not sure. I don't know servers and routers real well.
– MarkJoel60
2 hours ago
@steeldriver: What I meant is the address I would get from "WhatsMyIP" (i.e. 96.221.154.134) as opposed to the local address of 192.168.0.155. But I am wondering now if I need to do the port forwarding at the Version Router, not my TP-Link. Because that is what actually faces the outside world. I'm not sure. I don't know servers and routers real well.
– MarkJoel60
2 hours ago
Hmm... so you have multiple NAT routers between you and the public network? or is one configured as a plain switch?
– steeldriver
2 hours ago
Hmm... so you have multiple NAT routers between you and the public network? or is one configured as a plain switch?
– steeldriver
2 hours ago
On the TP-link, when you login to it, can you look and see if there is as status page or anything for "WAN" and if it lists an IP address there? What is it? That can help us tell if there is more than one layer of NAT to deal with here.
– Azendale
2 hours ago
On the TP-link, when you login to it, can you look and see if there is as status page or anything for "WAN" and if it lists an IP address there? What is it? That can help us tell if there is more than one layer of NAT to deal with here.
– Azendale
2 hours ago
add a comment |
1 Answer
1
active
oldest
votes
I am assuming that your server has internet access.
If you can get to the port on the local network, then the problem is definitely with the port forwarding.
First, does your server machine have a static IP address inside the network? If not, I highly recommend getting that fixed first. The reason for this is that when you set up a port forward, it will want to know what internal (192.168.0.x range) address to forward to. But if your server is Dynamic (using DHCP) then it will occasionally move, and every time it does, it will break the port forwarding.
Second, looking at your screenshot of the port forwarding settings, it mostly looks good, EXCEPT, it has 192.168.0.144, which is different than the 192.168.0.155 listed in the comments on the question. Make sure you fix that.
Third, where are you testing connecting with the outside address (96.221.154.134)? If it is from behind the same router, unless your router supports "hairpin NAT" (which most consumer routers don't) then it will not work. But it will work for everyone else "out on the internet" (IE, people not behind the same router). So it could be all working, and just how you are testing it could be broken. Obviously, if you are behind the same router, you should just use the internal address instead of the public address (if possible, IE, you aren't using DNS names that answer with the same address regardless of what router you are behind).
If there is anything not making sense, please, comment on this answer, and I'll try to help you further.
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "89"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
MarkJoel60 is a new contributor. Be nice, and check out our Code of Conduct.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1121524%2fmosquito-server-refuses-connections-ubuntu-18-04%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
I am assuming that your server has internet access.
If you can get to the port on the local network, then the problem is definitely with the port forwarding.
First, does your server machine have a static IP address inside the network? If not, I highly recommend getting that fixed first. The reason for this is that when you set up a port forward, it will want to know what internal (192.168.0.x range) address to forward to. But if your server is Dynamic (using DHCP) then it will occasionally move, and every time it does, it will break the port forwarding.
Second, looking at your screenshot of the port forwarding settings, it mostly looks good, EXCEPT, it has 192.168.0.144, which is different than the 192.168.0.155 listed in the comments on the question. Make sure you fix that.
Third, where are you testing connecting with the outside address (96.221.154.134)? If it is from behind the same router, unless your router supports "hairpin NAT" (which most consumer routers don't) then it will not work. But it will work for everyone else "out on the internet" (IE, people not behind the same router). So it could be all working, and just how you are testing it could be broken. Obviously, if you are behind the same router, you should just use the internal address instead of the public address (if possible, IE, you aren't using DNS names that answer with the same address regardless of what router you are behind).
If there is anything not making sense, please, comment on this answer, and I'll try to help you further.
add a comment |
I am assuming that your server has internet access.
If you can get to the port on the local network, then the problem is definitely with the port forwarding.
First, does your server machine have a static IP address inside the network? If not, I highly recommend getting that fixed first. The reason for this is that when you set up a port forward, it will want to know what internal (192.168.0.x range) address to forward to. But if your server is Dynamic (using DHCP) then it will occasionally move, and every time it does, it will break the port forwarding.
Second, looking at your screenshot of the port forwarding settings, it mostly looks good, EXCEPT, it has 192.168.0.144, which is different than the 192.168.0.155 listed in the comments on the question. Make sure you fix that.
Third, where are you testing connecting with the outside address (96.221.154.134)? If it is from behind the same router, unless your router supports "hairpin NAT" (which most consumer routers don't) then it will not work. But it will work for everyone else "out on the internet" (IE, people not behind the same router). So it could be all working, and just how you are testing it could be broken. Obviously, if you are behind the same router, you should just use the internal address instead of the public address (if possible, IE, you aren't using DNS names that answer with the same address regardless of what router you are behind).
If there is anything not making sense, please, comment on this answer, and I'll try to help you further.
add a comment |
I am assuming that your server has internet access.
If you can get to the port on the local network, then the problem is definitely with the port forwarding.
First, does your server machine have a static IP address inside the network? If not, I highly recommend getting that fixed first. The reason for this is that when you set up a port forward, it will want to know what internal (192.168.0.x range) address to forward to. But if your server is Dynamic (using DHCP) then it will occasionally move, and every time it does, it will break the port forwarding.
Second, looking at your screenshot of the port forwarding settings, it mostly looks good, EXCEPT, it has 192.168.0.144, which is different than the 192.168.0.155 listed in the comments on the question. Make sure you fix that.
Third, where are you testing connecting with the outside address (96.221.154.134)? If it is from behind the same router, unless your router supports "hairpin NAT" (which most consumer routers don't) then it will not work. But it will work for everyone else "out on the internet" (IE, people not behind the same router). So it could be all working, and just how you are testing it could be broken. Obviously, if you are behind the same router, you should just use the internal address instead of the public address (if possible, IE, you aren't using DNS names that answer with the same address regardless of what router you are behind).
If there is anything not making sense, please, comment on this answer, and I'll try to help you further.
I am assuming that your server has internet access.
If you can get to the port on the local network, then the problem is definitely with the port forwarding.
First, does your server machine have a static IP address inside the network? If not, I highly recommend getting that fixed first. The reason for this is that when you set up a port forward, it will want to know what internal (192.168.0.x range) address to forward to. But if your server is Dynamic (using DHCP) then it will occasionally move, and every time it does, it will break the port forwarding.
Second, looking at your screenshot of the port forwarding settings, it mostly looks good, EXCEPT, it has 192.168.0.144, which is different than the 192.168.0.155 listed in the comments on the question. Make sure you fix that.
Third, where are you testing connecting with the outside address (96.221.154.134)? If it is from behind the same router, unless your router supports "hairpin NAT" (which most consumer routers don't) then it will not work. But it will work for everyone else "out on the internet" (IE, people not behind the same router). So it could be all working, and just how you are testing it could be broken. Obviously, if you are behind the same router, you should just use the internal address instead of the public address (if possible, IE, you aren't using DNS names that answer with the same address regardless of what router you are behind).
If there is anything not making sense, please, comment on this answer, and I'll try to help you further.
answered 2 hours ago
AzendaleAzendale
8,85373962
8,85373962
add a comment |
add a comment |
MarkJoel60 is a new contributor. Be nice, and check out our Code of Conduct.
MarkJoel60 is a new contributor. Be nice, and check out our Code of Conduct.
MarkJoel60 is a new contributor. Be nice, and check out our Code of Conduct.
MarkJoel60 is a new contributor. Be nice, and check out our Code of Conduct.
Thanks for contributing an answer to Ask Ubuntu!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1121524%2fmosquito-server-refuses-connections-ubuntu-18-04%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
How do you define "the computer's actual IP address" in this context? The point of port forwarding is to route traffic from your router's WAN IP address to the private LAN IP address - the LAN IP has no significance on the "out"side
– steeldriver
4 hours ago
@steeldriver: What I meant is the address I would get from "WhatsMyIP" (i.e. 96.221.154.134) as opposed to the local address of 192.168.0.155. But I am wondering now if I need to do the port forwarding at the Version Router, not my TP-Link. Because that is what actually faces the outside world. I'm not sure. I don't know servers and routers real well.
– MarkJoel60
2 hours ago
Hmm... so you have multiple NAT routers between you and the public network? or is one configured as a plain switch?
– steeldriver
2 hours ago
On the TP-link, when you login to it, can you look and see if there is as status page or anything for "WAN" and if it lists an IP address there? What is it? That can help us tell if there is more than one layer of NAT to deal with here.
– Azendale
2 hours ago