Hopefully, this is a simple question. I am setting up Kong for the first time and trying to access the admin console from from a remote computer. We’ve pretty much opened up the iptables since its a dev machine. When typing http://:8001 from the remote computer a connection refused message is displayed. I am hoping it’s a simple problem with the nginx kong configuration as the Kong-Dashboard works just fine on port 8080. Here is a list of the iptables (btw we are not using docker for the Kong install) and the Kong configuration. Any feedback here would be greatly appreciated
iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere tcp dpt:http
ACCEPT tcp -- anywhere anywhere tcp dpt:http-alt
ACCEPT tcp -- anywhere anywhere tcp dpt:8001
Chain FORWARD (policy DROP)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain DOCKER (0 references)
target prot opt source destination
Chain DOCKER-ISOLATION (0 references)
target prot opt source destination
Chain DOCKER-USER (0 references)
target prot opt source destination
Partial Kong config
#------------------------------------------------------------------------------
# GENERAL
#------------------------------------------------------------------------------
prefix = /usr/local/kong/ # Working directory. Equivalent to Nginx's
# prefix path, containing temporary files
# and logs.
# Each Kong process must have a separate
# working directory.
log_level = notice # Log level of the Nginx server. Logs are
# found at <prefix>/logs/error.log.
# Note: see http://nginx.org/en/docs/ngx_core_module.html#error_log for a list
# of accepted values.
proxy_access_log = logs/access.log # Path for proxy port request access
# logs. Set this value to `off` to
# disable logging proxy requests.
# If this value is a relative path,
# it will be placed under the
# `prefix` location.
proxy_error_log = logs/error.log # Path for proxy port request error
# logs. Granularity of these logs is
# adjusted by the `log_level`
# directive.
admin_access_log = logs/admin_access.log # Path for Admin API request access
# logs. Set this value to `off` to
# disable logging Admin API requests.
# If this value is a relative path,
# it will be placed under the
# `prefix` location.
admin_error_log = logs/error.log # Path for Admin API request error
# logs. Granularity of these logs is
# adjusted by the `log_level`
# directive.
#custom_plugins = # Comma-separated list of additional plugins
# this node should load.
# Use this property to load custom plugins
# that are not bundled with Kong.
# Plugins will be loaded from the
# `kong.plugins.{name}.*` namespace.
#anonymous_reports = on # Send anonymous usage data such as error
# stack traces to help improve Kong.
#------------------------------------------------------------------------------
# NGINX
#------------------------------------------------------------------------------
proxy_listen = 0.0.0.0:8000, 0.0.0.0:8443 ssl
# Comma-separated list of addresses and ports on
# which the proxy server should listen.
# The proxy server is the public entrypoint of Kong,
# which proxies traffic from your consumers to your
# backend services. This value accepts IPv4, IPv6, and
# hostnames.
# Some suffixes can be specified for each pair:
# - `ssl` will require that all connections made
# through a particular address/port be made with TLS
# enabled.
# - `http2` will allow for clients to open HTTP/2
# connections to Kong's proxy server.
# - Finally, `proxy_protocol` will enable usage of the
# PROXY protocol for a given address/port.
#
# This value can be set to `off`, thus disabling
# the proxy port for this node, enabling a
# 'control-plane' mode (without traffic proxying
# capabilities) which can configure a cluster of
# nodes connected to the same database.
# Note: see http://nginx.org/en/docs/http/ngx_http_core_module.html#listen for
# a description of the accepted formats for this and other *_listen values.
# Note bis: see https://www.nginx.com/resources/admin-guide/proxy-protocol/
# for more details about the `proxy_protocol` parameter.
admin_listen = 127.0.0.1:8001, 127.0.0.1:8444 ssl, 127.0.0.1:8087
# Comma-separated list of addresses and ports on
# which the Admin interface should listen.
# The Admin interface is the API allowing you to
# configure and manage Kong.
# Access to this interface should be *restricted*
# to Kong administrators *only*. This value accepts
# IPv4, IPv6, and hostnames.
# Some suffixes can be specified for each pair:
# - `ssl` will require that all connections made
# through a particular address/port be made with TLS
# enabled.
# - `http2` will allow for clients to open HTTP/2
# connections to Kong's proxy server.
# - Finally, `proxy_protocol` will enable usage of the
# PROXY protocol for a given address/port.
#
# This value can be set to `off`, thus disabling
# the Admin interface for this node, enabling a
# 'data-plane' mode (without configuration
# capabilities) pulling its configuration changes
# from the database.
nginx_user = nobody nobody # Defines user and group credentials used by
# worker processes. If group is omitted, a
# group whose name equals that of user is
# used. Ex: [user] [group].
nginx_worker_processes = auto # Determines the number of worker processes
# spawned by Nginx.
nginx_daemon = on # Determines wether Nginx will run as a daemon
# or as a foreground process. Mainly useful
# for development or when running Kong inside
# a Docker environment.
mem_cache_size = 128m # Size of the in-memory cache for database
# entities. The accepted units are `k` and
# `m`, with a minimum recommended value of
# a few MBs.
ssl_cipher_suite = modern # Defines the TLS ciphers served by Nginx.
# Accepted values are `modern`,
# `intermediate`, `old`, or `custom`.