All Products
Search

This Product

    :"Host 'xxx.xxx.xxx.xxx' is not allowed to connect to this MySQL server" error in DMS

    Document Center

    :"Host 'xxx.xxx.xxx.xxx' is not allowed to connect to this MySQL server" error in DMS

    Last Updated:Feb 27, 2026

    Problem

    When you log on to a MySQL database through Data Management (DMS), the following error is returned:

    null, message from server: Host 'xxx.xxx.xxx.xxx' is not allowed to connect to this MySQL server

    Cause

    The mysql.user table restricts the database user to local connections only. Because DMS connects to your MySQL instance from a remote IP address, MySQL rejects the connection.

    Solution

    Create a database user that allows remote connections from the DMS CIDR blocks.

    Important

    • Before you modify database configurations, check the disaster recovery and fault tolerance capabilities of your instances to ensure data security.

    • Create snapshots or enable log backup for your ApsaraDB RDS instance before making changes.

    • If you have entered sensitive information such as your logon account and password in the Alibaba Cloud Management Console, change the information promptly.

    Step 1: Log on to the MySQL database

    Connect to the MySQL database by using a command-line tool or a MySQL client.

    Step 2: Grant remote access to DMS

    Run the following SQL statements to create a user that can connect from the DMS CIDR blocks. The statements differ depending on the network type of your instance.

    Note

    For the full list of DMS IP address ranges by region, see Add DMS IP address ranges.

    Classic network

    grant all privileges on *.* to 'dms'@'120.55.177.0/24' identified by '<your-password>';
grant all privileges on *.* to 'dms'@'121.43.18.0/24' identified by '<your-password>';
grant all privileges on *.* to 'dms'@'10.153.176.106/24' identified by '<your-password>';
grant all privileges on *.* to 'dms'@'10.137.42.136/24' identified by '<your-password>';
    Note

    • Replace <your-password> with the password that you want to set for the database user.

    • These CIDR blocks are private CIDR blocks of the Alibaba Cloud classic network.

    • The GRANT ... IDENTIFIED BY syntax applies to MySQL 5.7 and earlier. For MySQL 8.0, use CREATE USER and GRANT as separate statements.

    VPC

    grant all privileges on *.* to 'dms'@'100.104.175.0/24' identified by '<your-password>';
grant all privileges on *.* to 'dms'@'100.104.72.0/24' identified by '<your-password>';
grant all privileges on *.* to 'dms'@'100.104.5.0/24' identified by '<your-password>';
grant all privileges on *.* to 'dms'@'100.104.205.0/24' identified by '<your-password>';
    Note

    • Replace <your-password> with the password that you want to set for the database user.

    • These CIDR blocks are private CIDR blocks of the Alibaba Cloud virtual private cloud (VPC).

    • The GRANT ... IDENTIFIED BY syntax applies to MySQL 5.7 and earlier. For MySQL 8.0, use CREATE USER and GRANT as separate statements.

    Applicable products

    • Data Management (DMS)

    • ApsaraDB RDS for MySQL