Troubleshooting the security group ports added by Alibaba Cloud and the inability to access them after adding them

Purpose:

1. In order to map the server's external network through Alibaba Cloud Server, it is necessary to add security group port external network access in Alibaba Cloud Server

2. Solution to the problem that the port cannot be accessed after adding the security group port

Prerequisites:
1. Set the Alibaba Cloud security group port
2. In the local cmd, telnet IP+port (note: the ip is followed by a space + port number). If it works, everything is fine. If it doesn't work, then perform a troubleshooting plan.

Troubleshooting plan (if there is a new troubleshooting direction, it will be added later):

1. If telnet is not working, consider whether it is a server firewall problem

1) Check all information to see if the added port exists (Note: the port after ports is the corresponding open port)

# firewall-cmd --list-all #Note the permission issue public (active)
 target: default
 icmp-block-inversion: no
 interfaces: eth0
 sources:
 services:dhcpv6-client
 ports: 1130/tcp 80/tcp 10051/tcp 5672/tcp

2) If not, add it, for example, add port 18002

#firewall-cmd --zone=public --add-port=18002/tcp --permanent

illustrate:
–zone #scope –add-port=80/tcp #Add port, the format is: port/communication protocol –permanent permanent effect, without this parameter, it will be invalid after restart

Other operations:

To add multiple ports:

firewall-cmd --zone=public --add-port=80-90/tcp --permanent
#Delete firewall-cmd --zone=public --remove-port=80/tcp --permanent

3) Restart the firewall

#firewall-cmd --reload

4) Check again whether the port is open (if it is open, the problem is solved perfectly)

# firewall-cmd --list-all
public (active)
 target: default
 icmp-block-inversion: no
 interfaces: eth0
 sources: 
 services:dhcpv6-client
 ports: 1130/tcp 80/tcp 10051/tcp 18002/tcp 7660/tcp
 Protocols: 
 masquerade: yes

Some basic firewall commands:

1: Check the fire protection status

systemctl status firewalld
 
service iptables status

2: Temporarily turn off the firewall

systemctl stop firewalld
service iptables stop

3: Permanently turn off the firewall

systemctl disable firewalld
chkconfig iptables off

4: Restart the firewall

systemctl enable firewalld
service iptables restart

5: Start the firewall

sudo systemctl start firewalld

This is the end of this article about the security group port added by Alibaba Cloud and the troubleshooting of the inaccessible problem after adding it. For more information about the security group port added by Alibaba Cloud, please search for previous articles on 123WORDPRESS.COM or continue to browse the following related articles. I hope you will support 123WORDPRESS.COM in the future!