By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Elastic IP not connecting

0

I have an oracle server that was using an assigned IP address, I could connect remotely using SQLPlus or SQL Developer. I shut the server down, than associated an Elastic IP address to the server and restarted it. I can no longer connect remotely using the public IP address. I tried: netcat -vc <public ip> 1521, and it timed out. I checked the security groups have not changed.

Topics
ComputeAWS Well-Architected Framework
Tags
Amazon EC2Security
Language
English
Jonathan
asked 9 months ago241 views
5 Answers
0

Yes I am running in EC2, I am using a Oracle Database 19c Enterprise Edition on Oracle Linux 8 by Cognosys Inc Hardened Images and it was working just fine until I stopped it, and assigned it an Elastic IP then re-started it. I have a security group with ports 1521 and 1158 open for input and all port open for output. I can telnet to my public Elastic IP address, and use SQLPlus, so I know Oracle is running. When I ping the Elastic IP address from a remote computer It works, however attempting to access port 1521 from a remote computer via netcat or SQLPLus hangs. I have removed the security group and reapplied it, no change.

Jonathan
answered 9 months ago
  • Steve_M EXPERT
    9 months ago

    I can telnet to my public Elastic IP address,

    Which port are you connecting to, is this SSH on port 22 or a SQL connection on 1521 (or something else)?

    As it's a hardened Oracle Linux image you're using I take it that it cannot be plain telnet on port 23.

    When I ping the Elastic IP address from a remote computer It works,

    This means a security group allowing inbound ICMP is associated with the interface that has the elastic IP. Is this the same security group that you mention allows ports 1521 and 1158?

0

I have 2 security groups the launch-wizard which show the ssh port of 22, and I am about to use putty to connect, and an oracle-rds group which show ports 1521 and 1158 which I am not about to connect. I check the Oracle listeners are working, and when I ssh into the box I am able to use sqlplus so I know Oracle is running. I am at a loss on how to proceed, again the setup worked until I added an Elastic IP

Jonathan
answered 9 months ago
  • Steve_M EXPERT
    9 months ago

    Oracle is definitely listening in 1521 and not a custom port? netstat -tulpn | grep -w 1521

    In AWS Console can you select the instance and then the "Security" tab and confirm that the Oracle security group is associated, and that the "Inbound rules" has ports 1521 & 1158 open from the same source as port 22 (which we already know is good).

    As this is a hardened OEL image, is firewalld running and is this restricting inbound connections on any ports?

0

Hello.
Is Oracle DB running in EC2?
Check the process and make sure that Oracle DB is running.

profile picture
EXPERT
Riku_Kobayashi
answered 9 months ago
0

Have you checked your security group? Did you tested that server with other protocols? Like simple ping

V
answered 9 months ago
0

I give up... I have no idea what is happening but.

If I remove the Elastic iP and allow AWS to assign an IP I can connect and everything works. I did not change anything in the Security Group, nor on the Server (firewall etc) I just removed the associated Elastic IP and I can connect. Weird.

Anyone have any ideas?

Jonathan
answered 9 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content