Connecting to remote neo4j server

Question

I have a neo4j server running on a GCE Ubuntu 16.04 instance, and I want to access it in my local browser. When I type in the address in the browser, it throws a DNS error. What can I do to connect? This is what I've done so far:

Added firewall rules on GCE to enable remote hosts to listen on ports 7474 and 7473.

Changed the following lines in /etc/neo4j/neo4j.conf:

# With default configuration Neo4j only accepts local connections.
# To accept non-local connections, uncomment this line:
dbms.connectors.default_listen_address=0.0.0.0

# Bolt connector
dbms.connector.bolt.enabled=true
#dbms.connector.bolt.tls_level=OPTIONAL
dbms.connector.bolt.listen_address=:7687

# HTTP Connector. There must be exactly one HTTP connector.
dbms.connector.http.enabled=true
dbms.connector.http.listen_address=:7474

# HTTPS Connector. There can be zero or one HTTPS connectors.
dbms.connector.https.enabled=true
dbms.connector.https.listen_address=:7473

Netstat output:

Proto Recv-Q Send-Q Local Address           Foreign Address         State 
tcp6       0      0 :::7687                 :::*                    LISTEN     
tcp6       0      0 :::7473                 :::*                    LISTEN     
tcp6       0      0 :::7474                 :::*                    LISTEN

Every time I start neo4j (service neo4j start, and not just neo4j start), it says the following:

Jul 12 18:43:50 instance-1 neo4j[2003]: 2017-07-12 18:43:50.188+0000 INFO  ======== Neo4j 3.2.2 ========
Jul 12 18:43:50 instance-1 neo4j[2003]: 2017-07-12 18:43:50.358+0000 INFO  Starting...
Jul 12 18:43:54 instance-1 neo4j[2003]: 2017-07-12 18:43:54.119+0000 INFO  Bolt enabled on 0.0.0.0:7687.
Jul 12 18:44:03 instance-1 neo4j[2003]: 2017-07-12 18:44:03.511+0000 INFO  Started.
Jul 12 18:44:08 instance-1 neo4j[2003]: 2017-07-12 18:44:08.037+0000 INFO  Remote interface available at http://localhost:7474/

If you get a DNS error, then that's not really a neo4j issue, is it? Do you have anything else running on it that you can access? — manonthemat
Yes, I've had no problems accessing my Flask application running on the same instance, but I haven't been able to connect to neo4j from a remote Python script either — lordingtar
It sounds like your firewall rule isn't working out as you expect. As tom says, you need to allow 7687 in your f/w rules. Does your instance have a tag? Does your fw rule have targetTags that include the tag from your instance? — Dave Bennett
@DaveBennett I've set the targetTag to all instances in the network so that should be okay. I've also set the firewall rule the exact same way as I set up Flask, but it looks like this is tcp6. GCE doesn't allow me to set it as tcp6:7474, so I'm assuming tcp:7474 takes care of both v4 and v6 — lordingtar

Tom Geudens Tom Geudens · Accepted Answer · 2017-07-12T04:54:26

Here's a couple of things to check :

Can you ping the instance from your local desktop ? What does an nmap -p 7474 show (if the port not open things are not set up correctly) ?
On the GCE, does a netstat -an show ports 7474, 7473 and 7687 (!) to be LISTENing on 0.0.0.0 ? You did restart neo4j after changing neo4j.conf ?
You need to open the bolt-port 7687 as well. While this is not your current issue (you should see the page at least) the browser uses bolt to connect to the database. So nmap -p 7687 should show the port to be open as well !

Hope this helps !

Regards, Tom

Connecting to remote neo4j server

1 Answers