Tuesday, June 18, 2013

Allow mongo to connect from remote IP

Access to mongo is controlled with iptables for Linux based OS.

Step 1

Make sure in your /etc/mongodb.conf file you have the following line,
bind_ip =

Step 2

Add iptables rules to control the incoming and outgoing traffic for mongo. Here is a sample command if you have the default ports for mongo.

$ sudo iptables -A INPUT -s 198.61.168.XXX,166.78.113.XX -p tcp 
--destination-port 27017 -m state --state NEW,ESTABLISHED -j ACCEPT
$ sudo iptables -A OUTPUT -d 198.61.168.XXX,166.78.113.XX -p tcp --source-port 27017 -m state --state ESTABLISHED -j ACCEPT

Here 198.61.168.XXX and 166.78.113.XX are the IP from where you want to access the mongodb.


Anonymous said...


This is perfect and is exactly what I'm looking for. Now, I'm able to connect to my remote mongodb as: mongo --host

But, now I get the error:
> i = {x:34, y:"vijay"}
{ "x" : 34, "y" : "vijay" }
> db.x.insert(i);
"writeError" : {
"code" : 13,
"errmsg" : "not authorized on test to execute command { insert: \"x\", documents: [ { _id: ObjectId('534ae487c1c8d008b19ef5d7'), x: 34.0, y: \"vijay\" } ], ordered: true }"

Do you know how to fix it..

Anonymous said...

yes. just grant a root role for this user

Anonymous said...

yes. just add a "root" role to this user