LinuxQuestions.org - Access MySQL through LAN rpoblems

- Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)

- - Access MySQL through LAN rpoblems (https://www.linuxquestions.org/questions/linux-networking-3/access-mysql-through-lan-rpoblems-386369/)

Access MySQL through LAN rpoblems

I cannot connect to the MySQL through my LAN which comes back with an error 10060 or 10061. I can connect fine through the actual machine.

I believe this means that the MySQL server cannot be seen at all

I've tried to sort it out but am really struggling to find a solution as i'm still a bit of a n00b.... but at least im trying, right?

Better explain the setup to you a bit better then...

My version of Linux is Mandriva 2005 LE. My Server is on the DMZ port of my router and I want my LAN to be able to connect to the MySQL server. During install I set Shorewall firewall to allow for Web Server and Ping . I can ping the Server from the LAN ok but had to change setting for ICMP_echo_ignore_all (or something like that) to 0 due to the paranoid security setting.

I've added two new rules through webmin to Shorewall to allow my LAN to see the MySQL server... Here are the rules...

HOST xx.xx.xx.xx in Zone NET | firewall | TCP | 3304 | 3304 |
HOST xx.xx.xx.xx in Zone NET | firewall | TCP | 3306 | 3306 |

Please HELP!!

***ADDITIONAL***

Just found that skip-networking was in the my.cnf file so i've pit a # infront of that.... I got my hopes up that it would work but it still doesn't :S grrrrrr

Tried it with Shorewall turned off and still no joy

Can you telnet to the mysqlserverhost on port 3306 ?

If not then you have [at least] a network problem.

If you can telnet to it then I assume you are running a mysql client inside your firewall and trying to connect as a valid mysql user. To do this you need to set the access for that user (to allow connections from all hosts) within the mysqldb otherwise access is only allowed for local users.

Personally, I would not put the mysql db in the DMZ.

Thanks for the reply...

feel a bit muppety but when I go in and type SHOW VRIABLES; then skip-networking is on.

I #'d it in my.cnf so why is it on. (Also restarted the server ;))

Also something I noticed is that ICMP_echo_ignore_all i set to 0 but after a restart its back as 1 sometimes. I wonder why?

I'm going to ask a really obvious question :

Is the mysqld actually running ? (on the DMZ server). If it is - I assume you can at least connect to it on there (?)

Thanks for the help

lol... yes I can do it from mysql.... I got the skip-networking off as well... hooray...

You wouldn't put the sql server on the DMZ? Is this because its showing it to the outside world?

now I get an error when connecting 'xx.xx.xx.xx' is not allowed to connect to thisMySQL server...

(sigh)

Yes I wouldn't want it showing to the www.

The "is not allowed to connect" is caused by the fact that you try to log in from another server - as I noted in post #2.

It's a while since I've fiddled with it, but it'll be in here somewhere >> http://dev.mysql.com/doc/refman/5.0/...ss-denied.html

Thanks very much... This seems easier to solve than not being able to see the server at all... i'll give it a good crack...