Cannot access Kibana from machine on different network, getting ERR_CONNECTION_RESET

HI,
I have installed Kibana 7.2.1 and hooked it to a locally run Elasticsearch instance. I can see the default app "discovery" from another machine ' s browser when that machine is on the same network. But from my laptop which is on a different network, I keep getting bootstrap.js:108 net::ERR_CONNECTION_RESET 200 which is "document.head.appendChild(dom);

I believe it may have been some kind of network setting but I am not sure where to look.  I can curl to my ES on the same machine and I tried changed port and both has no issues.  Other web application that run apache or node.js also has no such issue.  Can anyone help?

I am using the default kibana.yml and did not change anything other then setting the server.host and server.name to my host name.  

Can anyone help?
Thanks,

In kibana.yml

# Specifies the address to which the Kibana server will bind. IP addresses and host names are both valid values.
# The default is 'localhost', which usually means remote machines will not be able to connect.
# To allow connections from remote users, set this parameter to a non-loopback address.
#server.host: "localhost"

If you don't change this, you Kibana only listens on the localhost interface.

I have the server.host set to my machine IP address. I can connect to it from machines in the same network. I just can’t connect to it from machines from another network which can ping and curl to elastic or other web server running on the same host as my kibana.

.

Do you have any firewall rules on the system or network firewall devices?

netstat -an | grep 5601 --> check that it is listening on your machine IP.

Hi,
I found out it is related to internal security detection that thinks the vendors.bundle.dll has Javascript_Suspicious_Aliasing when eval and fromCharCode is aliased which is deemed as a security loop hole. This caused the vendor.bundle.dll response truncated and Kibana response in failed to load error.
The question is how to fix this issue...

If it's this https://www.cvedetails.com/cve/CVE-2019-7616/ I think you have to upgrade to 7.3.0

It is company security issue. Somehow it detect the following item: JavaScript_Suspicious_Aliasing and blocked the access. The access is from my laptop to another machine on another network but within the company. If it is in the same subnet, it is not blocked. The blocking result in truncated response which caused the Dom to fail.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.