ACCESS_REFUSED for a remote connection

[srburton]

I have a recent problem, I'm running rabbitmq in a container on ECS on AWS.

I have a vpn, when my application on localhost accesses the rabbitmq server works normally like the image below.

When the service is on AWS I have the following errors:

RabbitMQ.Client.Exceptions.BrokerUnreachableException: None of the specified endpoints were reachable ---> RabbitMQ.Client.Exceptions.AuthenticationFailureException: ACCESS_REFUSED - Login was refused using authentication mechanism PLAIN. For details see the broker logfile.
   at RabbitMQ.Client.Framing.Impl.Connection.StartAndTune()
   at RabbitMQ.Client.Framing.Impl.Connection.Open(Boolean insist)
   at RabbitMQ.Client.Framing.Impl.AutorecoveringConnection.Init(IFrameHandler fh)
   at RabbitMQ.Client.ConnectionFactory.CreateConnection(IEndpointResolver endpointResolver, String clientProvidedName)
   --- End of inner exception stack trace ---
   at RabbitMQ.Client.ConnectionFactory.CreateConnection(IEndpointResolver endpointResolver, String clientProvidedName)
   at App.Infra.Integration.RabbitMq.Factories.PersistentConnection.<TryConnect>b__14_2() in /src/src/Infra/Integration/App.Infra.Integration.RabbitMq/Factories/PersistentConnection.cs:line 76
   at Polly.Policy.<>c__DisplayClass108_0.<Execute>b__0(Context ctx, CancellationToken ct)
   at Polly.Policy.<>c__DisplayClass138_0.<Implementation>b__0(Context ctx, CancellationToken token)
   at Polly.Retry.RetryEngine.Implementation[TResult](Func`3 action, Context context, CancellationToken cancellationToken, ExceptionPredicates shouldRetryExceptionPredicates, ResultPredicates`1 shouldRetryResultPredicates, Action`4 onRetry, Int32 permittedRetryCount, IEnumerable`1 sleepDurationsEnumerable, Func`4 sleepDurationProvider)

[michaelklishin]

Thank you for your time.

Team RabbitMQ uses GitHub issues for specific actionable items engineers can work on. GitHub issues are not used for questions, investigations, root cause analysis, discussions of potential issues, etc (as defined by this team).

We get at least a dozen of questions through various venues every single day, often light on details. At that rate GitHub issues can very quickly turn into a something impossible to navigate and make sense of even for our team. Because GitHub is a tool our team uses heavily nearly every day, the signal/noise ratio of issues is something we care about a lot.

Please post this to rabbitmq-users.

Thank you.

[michaelklishin]

Connection not succeeding is not a bug in RabbitMQ or the client. The error is pretty clear: the node has refused a connection. We cannot suggest anything with the amount of information provided but all connections that send at least 1 byte of data are logged. See server logs for clues. If a local (or seemingly local thanks to VPN) connection succeeds but one from a remote host fails, you must be using a loopback-only user with well-known credentials. Such users can only connect from localhost by default as a security measure. There is a doc section that explains what is recommended over enabling remote access for such known users.

Our team also has produced a doc guide that explains a methodology for troubleshooting network connectivity that saves everyone time.

[srburton]

@michaelklishin Thanks, I'll take a look at this loopback question, but it was already a big help :-)