Cant login to mysql on another droplet

Hi, there, I have two droplet (vlife-portal & vlife-data ) with the same configuration. vlife-portal have a SSL.

Within both mysql.user, I have set up root@‘private IP’ and grant them related privileges.

And I followed the tutorial in the community to set up master & slave mysql, I tried to make vlife-portal as master and the other as slave. But after I start the slave, I find that I cant connect to vlife-portal.

Then I tested on vlife-portal in my terminal, I can connect to vlife-data’s Mysql directly. However, when I on the vlife-data, I cant connect to vlife-portal.

iptables / firewalls are not enabled. No bind-address in my.cnf. I tried bind-address to still not work.

**Error msg: ** ERROR 2003 (HY000): Can’t connect to MySQL server on ‘private IP’ (110)

Could you please give me an hand on this? Thanks.


Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

This comment has been deleted

This comment has been deleted

Hi @cetetek

Okay, so you actually have a firewall rule that specifically blocks MySQL:

DROP tcp -- tcp dpt:3306

And I don’t see MySQL listening on the port, but only on a socket, so maybe you have the skip-networking defined somewhere in the configuration.


If you’re unable to connect on the private IP, it’s most likely due to MySQL not being bound to it. You may need to explicitly bind to it using:

bind-address = PRIVATE_IP

Where PRIVATE_IP is the private network IP for your Droplet. Once you bind MySQL to a private IP, you need to create a new user that uses the connecting servers private IP.

For example, let’s say that the MySQL servers private IP is and the connecting servers IP is

You’d set:

bind-address =

and then create a new user using the connecting servers private IP:

grant all on dbname.* to 'dbuser'@'' identified by 'dbpassword';

You’d sub out dbname, dbuser, and dbpassword with your own values.

Hi @cetetek Can you run sudo lsof -iTCP -sTCP:LISTEN -P on the data server?