Connections to loopback adresses do not work

Tiago Lopes 1 Reputation point
2022-10-14T12:41:33.763+00:00

Hello.
I use Putty to establish ssh tunnels into target hosts assing with local loopback adresses.

For instance putty user@targethost -L 127.1.2.3:9043:10.1.1.1:9043 . -L 127.10.20.30:443:10.10.11.12:443

If I the use the browser to open the pages
https://127.1.2.3:9043
or
https://127.10.20.30

I have a n error:
Hmmm… your Internet access is blocked
Firewall or antivirus software may have blocked the connection.
Try:
Checking the connection
Checking firewall and antivirus configurations
Running Windows Network Diagnostics
ERR_NETWORK_ACCESS_DENIED
Hide details
Check your Internet connection
Check your network cables, modem, and routers.
Allow Microsoft Edge to access the network in your firewall or antivirus settings.
If it's already listed as a program allowed to access the network, try removing it from the list, and adding it again.

If I use the main loopback address (127.0.0.1)

I get:
Hmmm… can't reach this page
127. 0.0.1 refused to connect.

But If I use "localhost" it works.
250477-image.png

I have used these configurations before and using multiple different loopback addresses for the 127.x.x.x ranges allow multiple connection to differente hosts on the same ports ( for instance 127.1.1.1:9043 and 127.2.2.2:9043 can connect to different hosts on the same ssh connection )

Using Windows 10 Version 10.0.19044 Build 19044

I have checked firewall and see no reasons for this to happen!

Windows 10 Network
Windows 10 Network
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Network: A group of devices that communicate either wirelessly or via a physical connection.
2,286 questions
0 comments No comments
{count} votes

6 answers

Sort by: Most helpful
  1. Karlie Weng 15,191 Reputation points Microsoft Vendor
    2022-10-17T03:02:16.743+00:00

    Hello @Tiago Lopes

    If I use the main loopback address (127.0.0.1) I get: Hmmm… can't reach this page 127.0.0.1 refused to connect. But If I use "localhost" it works.

    This sounds like a DNS issue to me. You can use the name of your server to access it or need to tell your DNS server what the name for the IP address should be.

    I also did some research about this network issue, and find the following, I hope this might have some help.

    Quote from Putty Network Error: Connection Refused (techwalla.com),
    ‘In many cases, PuTTY users have little control over resolving the "Network Error: Connection refused" error. Users who administer their own servers may be able to resolve the error by restarting stopped telnet and SSH services, opening service ports or, in extreme cases, rebooting the unavailable server. Users who connect to the Internet through a router or firewall may be able to resolve this error by verifying that the router settings do not prohibit traffic on the port PuTTY uses to establish a connection. If the server administrator has changed the port for the desired service to something other than the default, users may need to contact the server administrator or review server documentation to obtain the correct port number.’

    Other reference articles:
    How to Fix Network Error Connection Refused' on PuTTY - Appuals.com
    How to resolve "localhost connection refused" error in PuTTY client? (bobcares.com)

    Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.

    Best regards
    Karlie

    0 comments No comments

  2. Tiago Lopes 1 Reputation point
    2022-10-17T07:14:50.817+00:00

    Hello @Karlie Weng .

    Thanks for your answer.

    DNS is not an issue, I believe, and putty connection is also working. Maybe I didn't explain correctly.
    A practical example:
    putty connection to a 10.0.0.10 server creating tunnel in port 9043

    putty user@10.0.0.10 -L 127.0.0.10:9043:10.0.0.10:9043

    After this I get connected to 10.0.0.10 and the tunnel is created.
    If I open a browser http://127.0.0.10:9043/ibm/console, I get the connection error stated in my post.
    But if I open the url : http://localhost:9043/ibm/console, I get the page I want to open. And this behavior, using "localhost", is a "normal" behaviour.

    Now, regarding the 127.x.x.x addresses and using the above example with a little change:

    putty connection to a 10.0.0.10 server creating tunnel in port 9043 and another tunnel to the 10.1.1.11 server in the same port (9043)

    *putty user@10.0.0.10 -L 127.0.0.10:9043:10.0.0.10:9043 -L 127.1.1.11:9043:10.1.1.11:9043 *

    In the above example, there are now 2 different tunnels to 2 different servers on the same port. But, the "local" interfaces http://127.0.0.1:9043 and http://127.1.1.11:9043 are still blocked by the above error and localhost:9043 is still working. despite that we have 2 tunnels on the same port, I believe that is the first one to be created that answers to localhost requests ( doesn't really matter because that target is to user the 127.xxx addresses).

    Wrapping it up, I believe that "something" is blocking the 127.x.x.x connections. I thought that the firewall was the guilty but even with specific rules to allow traffic into/from 127.x.x.x it is not working.

    The problem could be "workarounded" by using different local ports:
    Ex:
    *putty user@10.0.0.10 -L 127.0.0.10:9043:10.0.0.10:9043 -L 127.1.1.11:9999:10.1.1.11:9043 *
    This would lead to http://localhost:9043 and http://localhost:9999 to work simultaneously (but stil the http://127.x.x.x would not work )

    Unfortunately, this defeats the target of using a one-to-one mapping of local / target hosts

    So, Why aren't the 127.x.x.x addresses working?

    Best regards.
    Tiago Lopes

    0 comments No comments

  3. Limitless Technology 44,016 Reputation points
    2022-10-19T07:18:39.677+00:00

    Hello there,

    Are you able to ping it.?

    In a TCP/IP network, the loopback IP address is 127.0. 0.1, and pinging this address will always return a reply unless the firewall prevents it.

    If you are unable to ping the local loopback adapter, TCP/IP might need to be reloaded or reconfigured on the machine you are using.

    --------------------------------------------------------------------------------------------------------------------------------------

    --If the reply is helpful, please Upvote and Accept it as an answer--

    0 comments No comments

  4. Tiago Lopes 1 Reputation point
    2022-10-20T07:30:43.387+00:00

    Odd thing... restarted and BAM... all is working now!


  5. Tiago Lopes 1 Reputation point
    2022-11-04T13:01:35.863+00:00

    SSH is done by using putty and putty proxy settings. I can establish the connection but the local interfaces do not work.

    you can do a small test with this example ( you bust have 2 servers listening or port 80

    Putty -load PROXY user@serverA -L 127.10.10.10:80:serverA:80 -L 127.20.20.20:80:serverB:80

    The putty PR0XY profile has only the socks5 proxy definition
    serverA and serverB must have a listener on port 80 and server must be able to connect to server

    result:
    http://127.10.10.10 will retrieve pages form serverA
    http://127.20.20.20 will retrieve pages form serverB

    I found out that it is stranger than what I thought.
    While preparing examples with screenshots I found that actually the above examples work. But if you change the tunnel to use different 127.x.x.x address ranges it will fail:
    If using 127.10.x.x it will work as design But if you use higher octet 127.210.x.x it will fail to connect

    Putty -load PROXY user@serverA -L 127.210.10.10:80:serverA:80 -L 127.220.20.20:80:serverB:80

    The putty PR0XY profile has only the socks5 proxy definition
    serverA and serverB must have a listener on port 80 and server must be able to connect to server

    result:
    http://127.210.10.10 will render an error
    http://127.220.20.20 will render an error

    257282-examples.png

    0 comments No comments