XOA Xen Orchestra virtual Appliance - ECONNREFUSED 192.168.1.185:443

I’ve created a NFS Share on my Leap 15.2 Server, I can mount it on another computer running Kubuntu, but having trouble getting my XOA Xen Orchestra to connect. When trying to create a NFS Storage Type for my ISO’s I keep getting, “connect ECONNREFUSED 192.168.1.185:443”, so my question is, what service (HTTPS?) do I use to open this post and in what zone. This is a home network.

Thanks!..

I’m not familiar with the particular Xen Orchestra. But port 443 is, as you say, for “https”. So there needs to be a web server running on 192.168.1.185, and it needs to be configured to support https connections.

I would guess that there is something in the documentation for Xen Orchestra which explains this.

As of today,
IP and EB based firewalls like what is installed in openSUSE by default only filter the address and port… Unlike proxy firewalls do not do a “deep packet inspection” that filters other packet headers and even the packet payload.

This means that it doesn’t matter what the service name might be or what protocol name is associated with the firewall rule. the only parameters that are important are address and port.

So, let’s say for instance that Xen Orchestra passed some weird, unusual protocol over port 443 (I doubt that’s the case on a well used address/port). The firewall will block or allow all traffic on that address/port regardless of the protocol.

TSU

If it is the firewall, you usually get a connection timeout or perhaps a no route to host. You don’t get connection refused.

I’d disagree.
When a firewall actively blocks a connection, you get a refusal.
If the firewall allows the connection but there is nothing running (no service or app), then you’ll get a no response.
If there is a routing problem or an unsupported network, then you’ll get a no route or unknown network.

TSU

Thanks for the replies, the only way I was able to connect is turn off the firewall. While its connected how can I list the ports being used? Off hand I don’t remember the command.

Well I did this, but doesn’t tell me very much.

NFS:/home/administrator/Public/Iso # ss -lunpt
Netid       State        Recv-Q       Send-Q             Local Address:Port              Peer Address:Port                                                                         
udp         UNCONN       0            0                        0.0.0.0:44341                  0.0.0.0:*           users:(("rpc.statd",pid=1335,fd=7))                              
udp         UNCONN       0            0                        0.0.0.0:20048                  0.0.0.0:*           users:(("rpc.mountd",pid=6693,fd=7))                             
udp         UNCONN       0            0                        0.0.0.0:111                    0.0.0.0:*           users:(("rpcbind",pid=6682,fd=5),("systemd",pid=1,fd=118))       
udp         UNCONN       0            0                      127.0.0.1:323                    0.0.0.0:*           users:(("chronyd",pid=1327,fd=1))                                
udp         UNCONN       0            0                      127.0.0.1:703                    0.0.0.0:*           users:(("rpc.statd",pid=1335,fd=45))                             
udp         UNCONN       0            0                        0.0.0.0:922                    0.0.0.0:*           users:(("rpcbind",pid=6682,fd=10))                               
udp         UNCONN       0            0                        0.0.0.0:2049                   0.0.0.0:*                                                                            
udp         UNCONN       0            0                        0.0.0.0:35410                  0.0.0.0:*                                                                            
udp         UNCONN       0            0                           ::]:20048                     ::]:*           users:(("rpc.mountd",pid=6693,fd=9))                             
udp         UNCONN       0            0                           ::]:111                       ::]:*           users:(("rpcbind",pid=6682,fd=7),("systemd",pid=1,fd=120))       
udp         UNCONN       0            0                          ::1]:323                       ::]:*           users:(("chronyd",pid=1327,fd=2))                                
udp         UNCONN       0            0                           ::]:922                       ::]:*           users:(("rpcbind",pid=6682,fd=11))                               
udp         UNCONN       0            0                           ::]:46880                     ::]:*           users:(("rpc.statd",pid=1335,fd=9))                              
udp         UNCONN       0            0                           ::]:2049                      ::]:*                                                                            
udp         UNCONN       0            0                           ::]:43150                     ::]:*                                                                            
tcp         LISTEN       0            64                       0.0.0.0:2049                   0.0.0.0:*                                                                            
tcp         LISTEN       0            128                      0.0.0.0:111                    0.0.0.0:*           users:(("rpcbind",pid=6682,fd=4),("systemd",pid=1,fd=117))       
tcp         LISTEN       0            128                      0.0.0.0:20048                  0.0.0.0:*           users:(("rpc.mountd",pid=6693,fd=8))                             
tcp         LISTEN       0            128                      0.0.0.0:22                     0.0.0.0:*           users:(("sshd",pid=1355,fd=3))                                   
tcp         LISTEN       0            128                      0.0.0.0:55639                  0.0.0.0:*           users:(("rpc.statd",pid=1335,fd=8))                              
tcp         LISTEN       0            64                       0.0.0.0:33689                  0.0.0.0:*                                                                            
tcp         LISTEN       0            100                    127.0.0.1:25                     0.0.0.0:*           users:(("master",pid=1685,fd=13))                                
tcp         LISTEN       0            64                          ::]:2049                      ::]:*                                                                            
tcp         LISTEN       0            128                         ::]:44867                     ::]:*           users:(("rpc.statd",pid=1335,fd=10))                             
tcp         LISTEN       0            128                         ::]:111                       ::]:*           users:(("rpcbind",pid=6682,fd=6),("systemd",pid=1,fd=119))       
tcp         LISTEN       0            128                         ::]:20048                     ::]:*           users:(("rpc.mountd",pid=6693,fd=10))                            
tcp         LISTEN       0            128                         ::]:22                        ::]:*           users:(("sshd",pid=1355,fd=4))                                   
tcp         LISTEN       0            64                          ::]:41591                     ::]:*                                                                            
tcp         LISTEN       0            100                        ::1]:25                        ::]:*           users:(("master",pid=1685,fd=14))   

What setup documentation are you using?
I did a brief lookup and am a bit surprised that it’s not supposed to need any other ports than 80 and optionally 443 to be opened (I would expect that those ports would be required only for web browser access, but then use other ports and protocols for communication with remote machines and services).

Common Xen Orchestra
Setup troubleshooting
https://xen-orchestra.com/docs/troubleshooting.html#deploy-error
Errors in general
https://xen-orchestra.com/docs/general-troubleshooting.html
Default setup and configuration
https://xen-orchestra.com/docs/configuration.html#user-to-run-xo-server-as

If you have basic firewall http and https ports allowed, supposedly that’s all that’s necessary for your firewall.

TSU