You’re using the postman collection I put together - I haven’t seen this error before.
It looks like you are self-hosting the broker in AWS? Did you enable incoming connections on port 55555? I assume you used the collection as is, i.e. didn’t change any TLS related properties - the collection sets up plain SMF protocol?
@RichardB , adding to what @swenhelge said, verify that broker A can connect to broker B - can you telnet to port 55555 for the host broker A is on? If not, you’ll probably need to add that port to your security group’s incoming ports.
In addition to Tom’s answer:
If you want to check reachability from broker A to broker B, you can do:
(doing both things in a shell on the same VM as brokerA is running) telnet brokerb 55555
OR nc -v brokerb 55555
(Personally I prefer nc to telnet… but often, just one of both is installed)
@swenhelge Yes, I’m hosting both brokers. I substituted the cloud side with my AWS instance. And I’m just using plain SMF no TLS. @TomF Yes, I’ve added the ports and protocols to the AWS security group as specified here Default Port Numbers. I’m able to telnet and ncat on port 55555 from my on-prem instance to my aws instance.
One thing I tried since my last post made things work. When I set up a VPN connection to AWS, and used AWS private IPs, DMR connects and works.
@RichardB - I did test the setup with a local broker on my laptop behind my router’s firewall which doesn’t allow any inbound connections.
Sometimes it seems changes in security groups are not applied immediately, in some cases with a significant delay. Maybe that was occurring here?
The other possibility is that the corporate firewall applies protocol restrictions using packet inspection - which would explain why telnet/nc to the port work as well as the VPN tunnel.
@swenhelge - That’s a good thought. I think my corporate firewall may be doing packet inspection resulting in partial packet loss. Out of curiosity, I might try to do SMF over TLS to see if that works.