This topic describes common issues that may occur when you connect to a Simple Application Server and provides solutions.
Troubleshooting procedure
If you cannot remotely connect to a Simple Application Server, troubleshoot the issue by following the steps in this section. The possible causes are sorted by probability, from most likely to least likely. Check each potential cause until the issue is resolved.
Possible cause | Solution |
Abnormal server status | You can log on to Simple Application Servers only if they are in the Running state.
For more information about how to view the status of a Simple Application Server, see View the information about a Simple Application Server. |
Incorrect logon credentials | Make sure that the username, password, or key is correct.
|
Abnormal port configuration | Check whether the remote logon port is open in the firewall. The default port is 22 for Linux servers and 3389 for Windows servers. If the port is not open, see Manage firewalls. |
Check the firewall | If you use a Windows server, check whether you can access the server after you disable the firewall. |
Check whether the server is outside the Chinese mainland | If you are in the Chinese mainland and connect to a Simple Application Server in a region outside the Chinese mainland, high latency and packet loss may occur. This can make the server inaccessible. This issue is caused by international network carriers and cannot be resolved on the server. For more information, see What do I do if a connection timeout occurs when I remotely connect to a server outside the Chinese mainland? |
Check whether the issue is caused by the carrier network | To determine whether the connection failure is caused by a local network issue, try connecting from a different network, such as a mobile hotspot. If you can connect from another network, the issue is likely with your local carrier. Contact your carrier to resolve the issue. |
Check whether the server load is too high | High disk usage, disk BPS, bandwidth usage, or CPU utilization on a Simple Application Server can prevent remote logon. Try the following solutions:
|
Check whether an antivirus software blocks the connection | Third-party antivirus software may prevent you from connecting to the remote server.
|
Check whether the server is infected with a virus such as a mining program | If the server is attacked, the public IP address of the Simple Application Server may be added to a blackhole. You can manually deactivate the blackhole filtering and try to log on again. For more information, see Alibaba Cloud blackhole filtering policy. |
Check the Remote Desktop Protocol of the server | Check whether Remote Desktop Protocol (RDP) is enabled on the Windows server. If not, enable it. For more information, see How do I troubleshoot a remote connection failure to a Windows server when no error message is prompted? |
Check the specific error message for the remote logon | Resolve the issue based on the specific error message. For more information, see FAQ navigation. |
If the issue persists after you complete the preceding checks, submit a ticket for technical support.
FAQ navigation
General remote connection issues
Issues with connecting to Linux servers
What do I do if a remote connection to a Linux server fails because SELinux is enabled?
What do I do if I cannot log on to the server with the correct username and password?
You can also use the remote connection solutions for ECS to troubleshoot the issue. For more information, see Troubleshoot connection issues for Linux instances
Issues with connecting to Windows servers
What do I do if I receive a prompt indicating that the operating system has disabled password-based logon and I cannot log on even with the correct username and password when I use Workbench to connect to a server?
Possible causes:
The server has insufficient memory, which can cause the system and applications to stop responding. Restart the server and try again. If you can log on after the restart, upgrade the server configuration. For more information, see Upgrade configurations.
You are using a key pair to log on, but the operating system has disabled root user logon. Modify the configuration file. For more information, see How do I switch to password-based logon if I previously used a key pair?
What do I do if a connection timeout occurs when I remotely connect to a server outside the Chinese mainland?
If you are in the Chinese mainland and connect to a server in a region outside the Chinese mainland, high latency and packet loss may occur. This can make the server inaccessible. This issue is caused by international network carriers and cannot be resolved on the server. For more information about the regions of Simple Application Server, see Regions and network connectivity. You can try one of the following methods to resolve this issue:
The network access issue may not be persistent. You can try to switch to another local network environment or try to connect to the server again later.
If your server is not required to be deployed in a region outside the Chinese mainland, we recommend that you request a self-service refund for the server and purchase a new server in the Chinese mainland.
NoteIf you cannot request a self-service refund for the server, submit a ticket to apply for a refund.
The public IP address of my server is locked. How do I apply for it to be unblocked?
A server may be locked for reasons such as mining viruses or attacks. You can request to have the server unblocked. To apply, go to the Penalties page.
You can request to unblock the server only once.
After the server is unblocked, it is automatically checked for 3 days. If mining behavior is detected again, the server is locked and cannot be unblocked.
After the server is unblocked, back up your data promptly.
Why does the connection fail with a 'Connection refused' message?
Check the following items:
The corresponding remote service, such as Secure Shell (SSH) or RDP, must be enabled on the server.
The connection port must be open on the server. Typically, SSH uses port 22 and RDP uses port 3389.
Why does the connection fail with an 'Incorrect username or password' message?
Check the following items:
Enter the correct username. The default username is root for Linux servers and Administrator for Windows servers.
Enter the correct password. If you forget the password, you can reset it. For more information, see Set or reset server passwords.
If you log on to a Windows instance as a non-administrator user, the user must belong to the Remote Desktop Users group.
Why does the connection fail with an 'Operation failed. Please try again later.' message when I use VNC or Workbench?
When you remotely connect to the server from the console, you may receive the message "Operation failed. Please try again later."
To troubleshoot the issue, perform the following steps:
Connect to the server using a third-party tool, such as PuTTY.
Run the following command to check whether the SSH public key file authorized_keys exists.
cd /home/admin/.ssh/ llIf the SSH public key file does not exist, submit a ticket to obtain the SSH public key information. Then, restore the file by following these steps:
Run the following command to create the SSH public key file.
mkdir -p /home/admin/.ssh vim /home/admin/.ssh/authorized_keysPaste the public key information into the authorized_keys file and save the file.
Run the following command to change the owner.
chown -R admin:admin /home/admin
If the SSH public key file authorized_keys exists, run the cat /home/admin/.ssh/authorized_keys command to view and copy the public key information. Then, submit a ticket with the public key information for technical support.
Check whether the /etc/sudoers file contains
admin ALL=(ALL) NOPASSWD:ALL.vim /etc/sudoersIf not, you can add
admin ALL=(ALL) NOPASSWD:ALL.Check whether the permissions of /home/admin/.ssh/authorized_keys are set to 644.
cd /home/admin/.ssh llThe output is as follows.
[root@iZd3ru25weg**** .ssh]# ll total 0 -rw-r--r-- 1 admin admin 272 Nov 3 10:52 authorized_keysIf the permissions are not 644, run the chmod 644 authorized_keys command to set them to 644.
Why can't I log on after I change the password online?
Third-party antivirus software on a Simple Application Server instance can block the Change Password Online operation, which causes the password change to fail. If this occurs, we recommend that you select Change Password Offline or call the UpdateInstanceAttribute operation to reset the instance password. Then, restart the instance to log on.
What do I do if a remote connection to a Linux server fails because SELinux is enabled?
For the solution, see An SSH remote connection to a Linux instance is abnormal because the SELinux service is enabled.
Enabling Security-Enhanced Linux (SELinux) improves system security but may damage operating system files and cause system startup failures. We recommend that you enable or disable SELinux correctly to prevent system startup issues. For more information, see Enable or disable SELinux.
What do I do if I cannot log on to the server with the correct username and password?
If the operating system has disabled password-based logon, you cannot log on even with the correct username and password. If you want to use password-based logon, see What do I do if I receive a prompt indicating that the operating system has disabled root user logon and I cannot log on even with the correct username and password when I use Workbench to connect to a server?
What do I do if an authentication error occurs when I remotely connect to a Windows server?
This issue may be caused by a Windows upgrade patch. For solutions, see the following topics:
What do I do if the "An authentication error has occurred. The function requested is not supported." error is returned when I connect to a Windows instance using Remote Desktop?
What do I do if I cannot use the Administrator user to log on to a Windows server?
If you set a local security policy on your local Windows host to deny logon through terminal services, you cannot use a remote desktop connection tool to log on to the Windows server as the Administrator user. For the solution, see What do I do if the "To sign in remotely, you need the right to sign in through Remote Desktop Services." message is returned when I connect to a Windows instance using Remote Desktop?
How do I troubleshoot a remote connection failure to a Windows server when no error message is prompted?
This issue occurs when you use a remote desktop connection tool on your local Windows host to connect to a Windows server. This issue may be caused by disabled remote connection permissions on the Windows server. This topic uses a Windows Server 2012 R2 64-bit operating system as an example to describe how to troubleshoot this issue.
Connect to the Windows server from the management console.
For more information, see Connect to a Windows server.
Open This PC. In the left navigation pane, right-click This PC and click Properties.
In the left navigation pane on the System page, click Remote Settings.
In the System Properties dialog box, under the Remote Desktop section, select Allow Remote Connections To This Computer.
Click Apply and then OK.
After the configuration is complete, try to remotely connect to the server again.
What do I do if I am prompted with 'The remote computer that you are trying to connect to requires Network Level Authentication' when I remotely connect to a Windows server?
This error may occur when you use a remote desktop connection tool on your local Windows host to connect to a Windows server if the tool is outdated. This topic uses a Windows Server 2012 R2 64-bit operating system as an example to describe how to resolve this issue.
Connect to the Windows server from the management console.
For more information, see Connect to a Windows server.
Open This PC. In the left navigation pane, right-click This PC and click Properties.
In the left navigation pane on the System page, click Remote Settings.
In the Remote Desktop section of the System Properties dialog box, clear Allow Connections Only From Computers Running Remote Desktop With Network Level Authentication (recommended).
Click Apply and then OK.
After the configuration is complete, try to remotely connect to the server again.
What do I do if I am prompted with 'No Remote Desktop license servers are available to provide a license' when I remotely connect to a Windows server?
For the solution, see What do I do if the 'No Remote Desktop license servers are available to provide a license' error is returned when I connect to a Windows instance using Remote Desktop?
What do I do if a remote connection to a Windows server fails and the server cannot be accessed over the Internet?
This issue may be caused by a disabled network interface card (NIC) on the Windows server. This topic uses a Windows Server 2012 R2 64-bit operating system as an example to describe how to resolve this issue.
Connect to the Windows server from the management console.
For more information, see Connect to a Windows server.
In the lower-right corner of the desktop, right-click the network icon
and click Open Network and Sharing Center.In the left navigation pane, click Change Adapter Settings.
Right-click the disabled network and click Enable.
Once the network is enabled, right-click the network and click Properties.
In the This Connection Uses The Following Items section, select Internet Protocol Version 4 (TCP/IPv4) and then click Properties.
On the General tab, select Obtain an IP Address Automatically and Obtain DNS Server Address Automatically, and then click OK.
After the configuration is complete, try to remotely connect to the server again.
References
If none of the preceding solutions resolve your issue, refer to the remote connection solutions for Elastic Compute Service (ECS) to troubleshoot the issue: