CODEWITHSUNDEEP
databasemongodbubuntu
user3226932
user3226932

Reputation: 2232

can't connect to mongodb remotely after opening ubuntu firewall and mongod.conf

Can't connect to mongodb remotely on fresh installation of mongodb on ubuntu 20.10 server on Linode.

root@localhost:~# sudo ufw status
Status: active

To                         Action      From
--                         ------      ----
22                         ALLOW       Anywhere
27017                      ALLOW       0.0.0.0
22 (v6)                    ALLOW       Anywhere (v6)

/etc/mongod.conf

net:
  port: 27017
  bindIp: 0.0.0.0

mongo server is up and running

root@localhost:~# sudo service mongod status
● mongod.service - MongoDB Database Server
     Loaded: loaded (/lib/systemd/system/mongod.service; enabled; vendor preset: enabled)
     Active: active (running) since Sun 2021-04-04 18:34:05 UTC; 19min ago
       Docs: https://docs.mongodb.org/manual
   Main PID: 1332 (mongod)
     Memory: 161.0M
     CGroup: /system.slice/mongod.service
             └─1332 /usr/bin/mongod --config /etc/mongod.conf

Apr 04 18:34:05 localhost systemd[1]: Started MongoDB Database Server.

netstat on host running mongo server

root@localhost:~# sudo netstat -tulpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:27017           0.0.0.0:*               LISTEN      1332/mongod
tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN      640/systemd-resolve
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      817/sshd: /usr/sbin
tcp6       0      0 :::22                   :::*                    LISTEN      817/sshd: /usr/sbin
udp        0      0 127.0.0.53:53           0.0.0.0:*                           640/systemd-resolve

nc -zv IP_ADDRESS 27017 times out, so mongo -u $DB_USERNAME -p $DB_PASSWORD IP_ADDRESS/admin will just time out as well

nc -zv IP_ADDRESS 22 works as expected

Upvotes: 1

Views: 3925

Answers (1)

user3226932
user3226932

Reputation: 2232

solved by doing sudo ufw allow 27017 instead of sudo ufw allow from 0.0.0.0 to any port 27017

root@localhost:~# sudo ufw status
Status: active

To                         Action      From
--                         ------      ----
22                         ALLOW       Anywhere
27017                      ALLOW       Anywhere
22 (v6)                    ALLOW       Anywhere (v6)
27017 (v6)                 ALLOW       Anywhere (v6)

Upvotes: 5

Related Questions