I cannot connect to my flukso (connection refused)

by tomdw on

My Flukso has been running fine for some years, but since a few months it was not reporting consumption to pvoutput.org anymore. Finally found time to have a look at the issue. But it seems the problem is even larger.

I could/cannot connect to my flukso on my local LAN, not using http, https not over ssh ... the result is always 'connection refused'.

I did a full reset and reconfigured network settings. On the local 192.168.255.1 page everything is indicated 'OK' - all tests are 'OK'. ... The flukse is reporting in my dash, so internet connection is ok.

But when I want to connect over my LAN network to the flukse, I still get 'connection refused'.
The strangest thing is, I can connect to the mqtt broker over LAN and see the stream of messages.

Does anyone has any clue on what is happening ?

Thanks, Tom

‹ connection fail Flukso High CPU usage of Flukso software ›
tomdw's picture
tomdw |

Thanks Markus, can't remember I had to do this years again, but must have forgotten. I also installed your flmlocal. Great job. Small addition to your documentation, I had to use

scp -oKexAlgorithms=+diffie-hellman-group1-sha1 -r * root@192.168.0.114:/www/

to allow for legacy key encryption to connect/copy over ssh

gebhardm's picture
gebhardm |

:-) - flmlocal is now like the FLM, running until its final day untouched...

mr_thingy's picture
mr_thingy |

On a related note, is there any way to get to the ethernet-port config interface via WiFi? I need to change some settings on my 02B and getting a laptop to it for the physical config is a bit of a pain.

As a general comment for @gebhardm, the 02B's configurable ports would be sorely missed if I got anything else, I'm using all possible ports for pulse-count so if this 02B ever dies there's nothing available to replace it with unless I get more than one 03 to handle the current 02B's load.

gebhardm's picture
gebhardm |

mr_thingy, I do not really get your question. Are you able to access your 02B via ssh? If yes, then the complete configuration is just a vi ahead on /etc/config

mr_thingy's picture
mr_thingy |

Sorry, badly worded question, what I meant was is there a way to get the SSH access you'd get via ethernet using the WiFi interface without having to first get SSH access to set it up, a bit of a catch-22. In the meantime I've disconnected the Flukso (it's wired into a relatively inaccessible place) and set it up via wired ethernet.

One question, in this post you mention adding 'option 'input' 'ACCEPT'' to the wan settings in /etc/config/firewall, wouldn't it be better to add an SSH-specific rule:

  1. config rule
  2.         option src 'wan'
  3.         option proto 'tcp'
  4.         option dest_port '22'
  5.         option target 'ACCEPT'

gebhardm's picture
gebhardm |

The idea of @icarus75 was to configure the FLM via cable and then "leave it alone"; ssh-non-access via WLAN was the "secure by default" intent, so answer is "no". The requirement occurs only if you want to tweak the FLM afterwards, what the "normal user" most likely won't do.