Cannot get Mosquitto to Allow Connection from Outside Local Network
I have Linux Ubuntu 18.04 laptop, and I installed the Mosquitto MQTT broker there. On my Windows 10 laptop, I am running a C# application written in Visual Studio 2013 that uses the M2Mqtt Libraries.
If I connect via the localhost, everything is fine. I start up the Mosquitto server, connect via the C# application, subscribe to a topic, and then can send messages back and forth all day long.
But when I try to connect through the internet address, I consistently get a uPLibrary.Networking.M2Mqtt.Exceptions.MqttConnectionException: "No connection could be made because the target machine actively refused it 95.XXX.XXX.134:1883" error. (The address there is what I got via "WhatsmyIP")
Here's what I have done so far:
First, I went to my router, which is a TP-LINK AC1200. I set the port to forward to the local IP address of the Linux box.
Then I went to my Linux box and used ufw to enable port 1833 and enable the firewall
From there I have tried everything I can think of -- I've run Mosquitto with the port declared at the command line, I have changed the conf file to say:
Listener 1883 0.0.0.0
and
Listener 1883 192.168.0.144
I have removed the port assignment and listener assignment entirely (since that is its default anyway) and always I get the same result.
I downloaded 2 different utilities -- one on an android phone and one is an app available from Windows store, and I cannot connect with either of them, either. The Android phone simply will not connect (it is not on the same network so localhost is not an option) and the other app will connect locally, but not when I change to the internet address.
I get the sense I'm just missing one small thing, but I can't figure out what it is. There are other stackoverflow questions that show the same error, but they don't help me.
If it matters, the actual C# code that is being run is:
try
{
System.Security.Cryptography.X509Certificates.X509Certificate caCert = null;
Boolean useSecureProtocol = false;
int OpenPort = 1883;
// external IP address
String PublicIPAddress = "95.XXX.XXX.134";
// local IP address
String LocalIPAddress = "192.168.0.144";
System.Net.IPAddress ipaddress = System.Net.IPAddress.Parse(PublicIPAddress);
client = new MqttClient(ipaddress, OpenPort, useSecureProtocol, caCert, MqttSslProtocols.TLSv1_0);
// certificate and Protocol are irrelevant because security set to false??
}
catch (System.Net.Sockets.SocketException SException )
{
string SEX = SException.Message;
}
* * *
try
{
Byte retVal = client.Connect(ClientId);
}
catch (uPLibrary.Networking.M2Mqtt.Exceptions.MqttConnectionException ex)
{
string m = ex.Message;
}
Config File: conf.d (which I run explicitly with the -C option)
# Place your local configuration in /etc/mosquitto/conf.d/
#
# A full description of the configuration file is at
# /usr/share/doc/mosquitto/examples/mosquitto.conf.example
#
pid_file /var/run/mosquitto.pid
persistence true
persistence_location /var/lib/mosquitto/
log_dest file /home/mark_admin/mosquitto.log
include_dir /etc/mosquitto/conf.d
As I said, I have changed it and tried many things:
Listener 1883 192.168.0.144 Listener 1883 0.0.0.0 Listener 1883
And none of the above. Just left it blank. None of them worked.
I'm posting this as an answer so I can give more detail in case anyone stumbles upon this in the future.
Setting up the MOSQUITTO MQTT Server in Ubuntu 18.04 is actually not hard, but the steps are important.
Step 1: Install Mosquitto Software
sudo apt-add-repository ppa:mosquitto-dev/mosquitto-ppa
sudo apt-get update
sudo apt-get install mosquitto
Step 2: Open Port 1883 and start firewall
sudo ufw allow 1883
sudo ufw enable
Step 3: Verify Mosquitto is not already running
pgrep mosquitto
[Note, if any number shows, that is the PID of an already running Mosquitto. You can just kill it. Also, you can try: sudo service mosquitto stop]
Step 4: Start Mosquitto with verbose option
mosquitto -v
[Note: This starts Mosquitto without using any config file. It echos connection and status information to the screen. Easiest for quick debugging.]
Step 5: Check connectivity using local host
Go to your client machine (in my case a Windows 10 laptop) and run the MQTT client, connecting to the local address of the Linux Mosquitto server (in my case 192.168.0.144). You should be able to connect. In fact, you can do this step before you even open the firewall, since this is all on the local network, the firewall rules are irrelevant at this point. Until next step which is...
Step 6: Check Connectivity using web tool
use either: www.yougetsignal.com/tools/open-ports/ or https://canyouseeme.org/
[NOTE: You will not get an OPEN state UNLESS THE MOSQUITTO BROKER IS RUNNING]
Step 7: If Port Shows Closed When coming In from Internet (ie not localhost)
Here's where I got tripped up. In my case, I have a Verizon Modem that ALSO has a firewall (because it has a router). I have my own wireless router, a tp-link Archer C1200, that I have plugged into the Fios Modem/Router. I started by putting the port forwarding in the tp-link. But that firewall comes after the Fios firewall so I needed to go to the first wall and do the port forward there.
And this is the second thing that is tricky. All of the online how-to's said I should forward port 1883 to the local IP address of my Linux Server, which in my case was 192.168.0.144. But that was not correct in my case. The Archer C1200 was actually the device that I needed to forward to -- it handled the correct distribution from there. It had an address of 192.168.0.152 assigned to it from the Verizon router. I still have both forwardings in place (ie the Fios and the tp-link) and my guess is that I need them both.
Now all pathways are open, you can follow the other Mosquitto instructions regarding logging, config files, Daemons, etc.
Hope this saves someone some time down the road!
- Sort program not working, not sure why
- Fast & accurate atan/arctan approximation algorithm
- What's the difference between strtok_r and strtok_s in C?
- How memory address for pointer to arrays is same as an element in 2D array?
- Which is the best way to suppress "unused variable" warning
- How to use ellipsis in c's case statement?
- How can I exclude non-numeric keys? CS50 Caesar Pset2
- Fast ceiling of an integer division in C / C++
- Is there an invalid pthread_t id?
- How to Implement Universal Setter/Getter Functions for Interrupt-Driven Variables in Embedded C?
- How does SIMD (avx) processing work? for example, if I want 10 32 bit floats how do i fit in a 256 bit avx vector?
- FDCAN problems on STM32G4
- How does the call macro enable mutual recursion between functions f and g in this Hanoi Tower implementation?
- Running test on Rocket core CPU - global variable initialized to 0 is unsuccessful, output wrong value instead
- Interacting with C arrays without knowing the size
- Combination of two strings
- Avoiding strcpy overflow destination warning
- carriage return by fgets
- How to use special characters in C?
- Why does 1.0/100.0 == 0.1/10.0 give True?
- Is it correct to compare pointers in C?
- Force free() to return malloc memory back to OS
- How can I print to standard error in C with 'printf'?
- What is the standard behavior of fread in C on Windows?
- How is strtok removing lines it shouldn't have access to?
- Using array as smart point in C
- Assigning string to malloced 2d char array not working as intended
- How to refactor repetition inside a Makefile?
- Why does an empty preprocessor command still evaluate to something?
- How to implement variable sized array within C struct