This topic provides answers to commonly asked questions about remote connection to simple application servers. This topic also provides the troubleshooting procedure for remote connection failures of simple application servers.
Troubleshooting procedure
If you cannot connect to a simple application server, we recommend that you troubleshoot the problem based on the following procedure. The steps of the troubleshooting procedure are ordered based on the probability of possible causes, with the most likely causes first. We recommend that you proceed in this sequence to efficiently troubleshoot the problem. If the issue continues after you address one potential cause, proceed to the next cause and continue this process until the problem is resolved.
Procedure | Operation |
Check whether the server status is normal. | Only simple application servers that are in the Running state allow you to log on.
For information about how to view the status of a server, see View the information of a simple application server. |
Check whether the logon credentials are valid. | Make sure that you use a valid username and password or use a valid key pair to log on to the server.
|
Check whether the port configurations are correct. | Check whether the logon port is enabled on the firewall. The default logon port is port 22 for Linux servers and port 3389 for Windows servers. If the corresponding port is not enabled, enable it. For more information, see Manage the firewall of a simple application server. |
Check whether the firewall is enabled. | If the server runs a Windows operating system, disable the firewall. |
Check whether the server is deployed outside the Chinese mainland. | If you are in the Chinese mainland and attempt to connect to a simple application server in a region outside the Chinese mainland, latency and packet loss may occur, which makes the server inaccessible. This is a problem with the Internet service provider and cannot be solved on the server. For more information, see What do I do if I am prompted that the connection has timed out when I connect to a simple application server deployed outside the Chinese mainland? |
Check whether the network is stable. | Use an on-premises host in another network environment to connect to the simple application server, or use another wireless network such as a mobile phone hotspot to attempt to connect. This test can help you find out whether the connection issue is due to a local network problem. If the problem is not caused by the local network, perform further checks. If the local network caused the connection failure, we recommend that you contact the local network provider to solve the problem. |
Check whether the server is overloaded. | If the utilization of disks, disk BPS, bandwidth, or vCPUs of a simple application server is excessive, you may fail to log on to the server. To solve the problem, perform the following operations:
|
Check whether an antivirus software blocks the connection. | Third-party antivirus software may cause the failure to connect to the simple application server.
|
Check whether the server is infected by viruses such as mining viruses. | If blackhole filtering is triggered for the public IP address of the simple application server due to attacks, you can manually deactivate blackhole filtering and try the connection again. For more information, see Blackhole filtering policy of Alibaba Cloud. |
Check whether the Remote Desktop Protocol (RDP) of the server is enabled. | If the simple application server runs a Windows operating system, check whether the RDP is enabled. If the RDP is disabled, enable it. For more information, see How do I troubleshoot the failure to connect to a Windows server when no error message appears? |
Check whether the system reports an error message concerning the connection. | Troubleshoot the problem based on the specific error message. For more information, see FAQ navigation. |
If the problem persists after you take the preceding measures, submit a ticket to obtain technical support.
FAQ navigation
FAQ about connections
FAQ about remote connection to Linux servers
What do I do if the connection to a Linux server fails when SELinux is enabled on the Linux server?
You can also use Elastic Compute Service (ECS) connection solutions to troubleshoot problems. For more information, see What do I do if I cannot connect to a Linux instance?
FAQ about remote connection to Windows servers
What do I do if I receive a prompt indicating that I may not be able to log on with the correct username and password because the OS has disabled root user logon when I use Workbench to connect to a server?
The issue may occur due to one of the following reasons:
The server and its applications are unresponsive due to insufficient memory resources. We recommend that you restart the server and try again. If you can log on to the server after trying again, we recommend that you upgrade the server configurations. For more information, see Upgrade a simple application server.
If the operating system disables the root user logon, modify the configuration file. For more information, see Re-enable password-based logons.
What do I do if I am prompted that the connection has timed out when I connect to a simple application server deployed outside the Chinese mainland?
If you are in the Chinese mainland and attempt to connect to a simple application server in a region outside the Chinese mainland, latency and packet loss may occur, which makes the server inaccessible. This is a problem with the Internet service provider and cannot be solved on the server. For information about the regions where Simple Application Server is supported, see Regions and network connectivity. You can use one of the following methods to solve this problem:
If the network inaccessibility problem is only an occasional problem, you can change the local network environment or try to connect to the server later.
If your server is not required to be deployed outside the Chinese mainland, we recommend that you request a refund for your server and purchase a server deployed in the Chinese mainland.
NoteIf you cannot request a refund for the server, submit a ticket.
How do I apply to unlock the public IP address of the server?
If a server is locked due to infection by mining viruses or due to attacks, you can apply to unlock the server. To apply to unlock servers, go to the Penalties page in the Security Center console.
You can apply to unlock servers in your account only once.
Within three days after a server is unlocked, the server is automatically checked. If a mining program is detected on the server again, the server is locked and cannot be unlocked.
After the server is unlocked, back up the data on the server at your earliest opportunity.
Why am I prompted that the connection is rejected when I fail to connect to my server?
This may be caused by one of the following issues. Fix the corresponding issue.
The remote service that corresponds to SSH or RDP is not enabled on the server.
Ports used for remote connection, such as SSH port 22 and RDP port 3389, are not enabled on the server.
Why am I prompted that the logon username or password is invalid when I fail to connect to the server?
This may be caused by one of the following issues. Fix the corresponding issue.
The username or password that you entered is invalid. The username is root for Linux servers and administrator for Windows servers.
The logon password that you entered is invalid. If you forget the logon password, you can reset the password. For more information, see Set or reset server passwords.
If you log on to a Windows server as a non-administrator user, the user must belong to the Remote Desktop Users group.
Why does the error message "An error occurred. Try again later" appears when I connect to my simple application server by using Virtual Network Console (VNC) or the workbench?
When you connect to the simple application server on the server card, the error message "An error occurred. Try again later" appears.
To troubleshoot the issue, perform the following operations:
Connect to the server by using a third-party tool such as PuTTY.
Run the following command to check whether the SSH public key file authorized_keys exists:
cd /home/admin/.ssh/ ll
If the SSH public key file does not exist, submit a ticket to obtain the SSH public key information, and restore the SSH public key file. Procedure:
Run the following command to restore the SSH public key file:
mkdir -p /home/admin/.ssh vim /home/admin/.ssh/authorized_keys
Paste the public key information into the SSH public key file and save the file.
Run the following command to change the file group:
chown -R admin:admin /home/admin
If the SSH public key file authorized_keys exists, run the cat /home/admin/.ssh/authorized_keys command, copy the public key file information, and then submit a ticket that contains the public key file information to the technical support team.
Check whether the /etc/sudoers file contains
admin ALL=(ALL) NOPASSWD:ALL
.vim /etc/sudoers
If the /etc/sudoers file does not contain admin ALL=(ALL) NOPASSWD:ALL, add
admin ALL=(ALL) NOPASSWD:ALL
to the file.Check whether the /home/admin/.ssh/authorized_keys file is granted the 644 permission.
cd /home/admin/.ssh ll
The following command output is returned:
[root@iZd3ru25weg**** .ssh]# ll total 0 -rw-r--r-- 1 admin admin 272 Nov 3 10:52 authorized_keys
If the file is not granted the 644 permission, run the chmod 644 authorized_keys command to grant the 644 permission.
Why am I still unable to log on to my simple application server after I change the logon password online?
When a third-party antivirus software is installed on the server, the antivirus software may block the online password change operation, causing the operation to fail. In this case, we recommend that you change the password offline. Alternatively, you can call the UpdateInstanceAttribute API operation to reset the password. Then, you can restart the server and use the new password to log on to it.
What do I do if the connection to a Linux server fails when SELinux is enabled on the Linux server?
For information about how to solve the problem, see What do I do if an SSH connection to a Linux ECS instance becomes abnormal when SELinux is enabled?
When Security-Enhanced Linux (SELinux) is enabled, system security is enhanced. However, after SELinux is enabled, the files of the operating system may be corrupted, and failures may occur upon system startup. We recommend that you enable or disable SELinux in the correct manner to prevent the system from failing to start up. For more information, see Enable or disable SELinux.
Why am I still unable to log on to my Linux server by using the correct username and password combination?
If the operating system of your server disables password-based logon, you cannot log on to the server even when you use the correct username and password. For information about how to enable password-based logon, see Re-enable password-based logons.
What do I do if an authentication problem occurs when I connect to a Windows server?
This problem may be caused by upgrade patches released by Windows. For information about how to solve the problem, see What do I do if the error message "An authentication error has occurred. The function requested is not supported" appears when I connect to a simple application server?
What do I do if I cannot connect to a Windows server by using the administrator account?
If you configure security policies on your Windows computer to deny logon from terminal services, you cannot use Remote Desktop Connection (RDC) on your Windows computer to connect to a Windows server by using the administrator account. For more information, see What do I do if the error message "To sign in remotely, you need the right to sign in through Remote Desktop Services" appears when I connect to a Windows instance by using Remote Desktop?
How do I troubleshoot the failure to connect to a Windows server when no error message appears?
This problem occurs when you use the RDC tool on your Windows computer to connect to a Windows server. This may occur because remote connection permissions are not enabled on the Windows server. In this example, Windows Server 2012 R2 64-bit is used to describe how to solve this problem.
Use the Simple Application Server console to connect to the Windows server.
For more information, see Connect to a Windows server.
Open This PC. In the left-side navigation pane, right-click This PC and select Properties.
In the left-side navigation pane of the System page, click Remote settings.
In the Remote Desktop section of the System Properties dialog box, select Allow remote connection to this computer.
Click Apply and then click OK.
After the configurations are complete, you can try to connect to the server again.
What do I do if the error message "The remote computer that you are trying to connect to requires Network Level Authentication (NLA)" appears when I connect to a Windows server?
This message may appear when you use the RDC tool on your Windows computer to connect to a Windows server. This may be because the RDC tool on your computer is of an earlier version. In this example, Windows Server 2012 R2 64-bit is used to describe how to solve this problem.
Use the Simple Application Server console to connect to the Windows server.
For more information, see Connect to a Windows server.
Open This PC. In the left-side navigation pane, right-click This PC and select Properties.
In the left-side navigation pane of the System page, click Remote settings.
In the Remote Desktop section of the System Properties dialog box, clear Allow connections only from computers running Remote Desktop with Network Level Authentication (recommended).
Click Apply and then click OK.
After the configurations are complete, you can try to connect to the server again.
What do I do if the error message "The remote session was disconnected because there are no Remote Desktop client access licenses available for this computer" appears when I connect to a Windows server?
For information about how to solve this problem, see What do I do if the "The remote session was disconnected because there are no Remote Desktop client access licenses available for this computer" message appears when I connect to a Windows instance by using Remote Desktop?
What do I do if I cannot connect to a Windows server and the server has no Internet access capability?
A possible cause of this problem is that network interface controllers (NICs) are disabled on the Windows server. In this example, Windows Server 2012 R2 64-bit is used to describe how to solve this problem.
Use the Simple Application Server console to connect to the Windows server.
For more information, see Connect to a Windows server.
In the lower-right corner of the desktop, right-click the network icon and select Open Network and Sharing Center.
In the left-side navigation pane, click Change adapter settings.
Find the disabled network, right-click the network, and then select Enable.
After the network is enabled, right-click the network and select Properties.
In the This connection uses the following items section, click Internet Protocol Version 4 (TCP/IPv4) and click Properties.
On the General tab, click Obtain an IP address automatically, click Obtain DNS server address automatically, and then click OK.
After the configurations are complete, you can try to connect to the server again.
References
If the preceding solutions cannot meet your business requirements, you can also refer to the remote connection solutions provided by Elastic Compute Service (ECS).