When setting up MySQL on Ubuntu, a common hurdle is enabling remote connections. The error message:

MySQL Error Nr. 2003
Can't connect to MySQL server on '192.168.0.2' (111)

typically indicates the server isn't configured to accept remote connections, even when ping works perfectly.

First, edit the MySQL configuration file:

sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf

Locate the bind-address line and modify it:

# Original (only local connections)
bind-address = 127.0.0.1

# Modified (accept remote)
bind-address = 0.0.0.0

Connect to MySQL and grant remote access to specific users:

mysql> CREATE USER 'remote_user'@'%' IDENTIFIED BY 'secure_password';
mysql> GRANT ALL PRIVILEGES ON *.* TO 'remote_user'@'%' WITH GRANT OPTION;
mysql> FLUSH PRIVILEGES;

Ensure Ubuntu's firewall allows MySQL port (default 3306):

sudo ufw allow 3306/tcp
sudo ufw enable

Test remote connectivity using the mysql client:

mysql -u remote_user -h server_ip -p

For troubleshooting, check MySQL's error log:

sudo tail -f /var/log/mysql/error.log

For production environments, consider these additional measures:

# Restrict access to specific IPs
mysql> GRANT ALL ON db.* TO 'user'@'client_ip';

# Use SSH tunneling for sensitive connections
ssh -L 3306:localhost:3306 user@mysql_server

Remember that exposing MySQL to the internet requires proper security measures like strong passwords and possibly VPN protection.

---

When setting up MySQL on Ubuntu, the default configuration only allows localhost connections. This security measure prevents unauthorized remote access out of the box. The error message you're seeing (Error 2003) typically indicates one of three issues:

• MySQL isn't configured to listen on external interfaces
• User privileges don't allow remote connections
• Network/firewall restrictions are blocking the port

First, verify how MySQL is currently configured to listen for connections. Open the MySQL configuration file:

sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf

Look for the bind-address directive. By default, you'll likely see:

bind-address = 127.0.0.1

To enable remote connections, you need to modify the bind address. You have three options:

# Option 1: Listen on all interfaces
bind-address = 0.0.0.0

# Option 2: Listen on specific IP
bind-address = 192.168.0.2

# Option 3: Comment out to default to all interfaces
#bind-address = 127.0.0.1

After making changes, restart MySQL:

sudo systemctl restart mysql

Even with the correct bind address, MySQL users need explicit remote access permissions. Connect to MySQL locally:

mysql -u root -p

Then grant remote access to a user (replace values as needed):

CREATE USER 'remote_user'@'%' IDENTIFIED BY 'secure_password';
GRANT ALL PRIVILEGES ON *.* TO 'remote_user'@'%' WITH GRANT OPTION;
FLUSH PRIVILEGES;

For more restrictive access (recommended for production):

CREATE USER 'limited_user'@'192.168.0.%' IDENTIFIED BY 'password';
GRANT SELECT, INSERT, UPDATE ON dbname.* TO 'limited_user'@'192.168.0.%';
FLUSH PRIVILEGES;

Ubuntu's UFW firewall might block MySQL's default port (3306). To allow traffic:

sudo ufw allow from 192.168.0.0/24 to any port 3306
sudo ufw enable
sudo ufw status

From another machine in your network, test the connection:

mysql -h 192.168.0.2 -u remote_user -p

For advanced troubleshooting, check if MySQL is actually listening on the port:

sudo netstat -tulnp | grep mysql
telnet 192.168.0.2 3306

Never expose MySQL directly to the internet. For production environments, consider:

• Using SSH tunneling for remote access
• Implementing VPN for database connections
• Setting up MySQL connection encryption
• Regularly auditing user privileges

For SSH tunneling example:

ssh -L 3306:localhost:3306 user@192.168.0.2