Step 1-4 | There is no clear error message when the remote connection fails

Step 1: Use the Alibaba Cloud Workbench tool to test remote login

Use the Workbench tool provided by Alibaba Cloud to log in remotely. The Workbench tool will return specific error messages and solutions when an exception occurs in the remote login. The test steps are as follows:

1. Log in to the ECS management console.

2. On the left navigation bar, select Instances and Images > Instances.

3. In the upper left corner of the top menu bar, select Region.

4. On the instance list page, find the instance to be connected, and click Remote Connection under the operation column corresponding to the instance.

5. In the pop-up remote and command dialog box, click Login Now corresponding to the Workbench remote connection.

6. The Workbench tool will automatically fill in the basic information required to log in to the target instance. Please confirm the correctness of the basic information and enter the login user name and authentication information. and processed according to the following results:

1) If you still cannot log in, the Workbench tool will return error prompts and solutions, please handle it according to the system prompts. After processing, re-use the Workbench tool to perform a remote login test. In order to facilitate you to solve the problem, the following lists the common abnormal problems when using the Workbench tool:

• When the Workbench tool remotely connects to a Windows instance, it prompts that the connection timed out

• When Workbench remotely connects to a Windows instance, it prompts "Please check whether the address, port, user name, password and other information are filled in correctly."

2) If you can log in normally through the Workbench tool, but you cannot log in remotely through the local server, it means that the port and service of the remote connection are normal, and you can check it yourself.

Step 2: Check if you have received a black hole notification

Please check whether you have received a black hole notification. During the black hole, public network access to the server cannot be supported.

Step 3: Check port and security group

Check whether the security group rules are restricted. The specific operations are as follows:

1. Log in to the ECS management console.

2. In the upper left corner of the top menu bar, select Region.

3. On the instance list page, click the corresponding instance ID.

4. On the instance details page, click the Security Group tab, and in the Security Group List area, click Configure Rules in the Operation column.

5. Select the rule direction of the security group rule.

6. On the security group rules page, you can choose any of the following methods to add security group rules. For details, see Adding Security Group Rules.

Method 1: Quickly add security group rules

Authorization policy: allow

Port range: RDP (3389)

Authorization object: 0.0.0.0/0 (represents all IP access)

Method 2: Manually add security group rules

Authorization policy: allow

Priority: 1 (represents the highest priority in security rules, the smaller the number, the higher the priority)

Protocol Type: Custom (TCP)

Port range: If the custom remote port is 33899, set it to 33899

Authorization object: 0.0.0.0/0 (represents all IP access)

7. Remote desktop connection through IP:port.

8. Use the command to perform a port test to determine whether the port is normal.

Step 4: The local public network IP is intercepted by the cloud security center

If you enter wrong login information multiple times when a local client network connects to the ECS server, the request for remote login to ECS from this IP will be blocked. You can add the local IP to the whitelist in the settings of the cloud security center, so that the local IP will not be blocked from remotely logging in to this server. The specific operations are as follows:

1. Log in to the cloud security center console.

2. On the left navigation bar, select System Configuration > Function Settings.

3. On the Other Configuration sub-tab of the Settings tab, click the configuration in the security control area to jump to the security control console.

4. On the left navigation bar, select Whitelist Management > IP Whitelist.

5. On the IP Whitelist page, click Add.