Error while connecting MongoDB Atlas thru SSH tunnel from window local machine

Error while connecting MongoDB Atlas thru SSH tunnel from window local machine via bastion

Need to connect Mongo Atlas from local window machine. VPC peering already established .Able to connect main atlas string from bastion

Getting error while connecting from local window bastion thru ssh tunnel [bastion]


Bastion Ip:
mongosh “mongodb+srv://” --apiVersion 1 --username anuragagnihotri => Atlas String=>
Individual Node:

[root@bast ssh]# grep AllowTcpForwarding sshd_config
AllowTcpForwarding yes

AllowTcpForwarding no

[root@bast ssh]#

/etc/hosts entry

from window command prompt -
C:\Users\2293940>putty -L anurag@ -i anurag.ppk

C:\Users\2293940>mongosh mongodb:// --tls --authenticationDatabase admin --username anuragagnihotri password
Enter password: ********
Current Mongosh Log ID: 659a75e115619ced907900af
Connecting to: mongodb://
MongoServerSelectionError: connect ETIMEDOUT



Already tried below steps , but did not works

Connecting Atlas cluster by manually creating SSH tunnel

Execute the following command on the machine from which you want to connect to your Atlas cluster:

ssh -i -N -L :: ec2-user@

Even though the SSH tunnel has been created, you cannot connect to Atlas cluster by specifying localhost in mongo shell, because SSL certificates are validated against the Atlas host name. To fix this, navigate to your /etc/hosts file and point ATLAS HOSTNAME to : <ATLAS HOSTNAME>

After this you can use any client to connect to the MongoDB Atlas cluster node:

mongosh mongodb://<ATLAS HOSTNAME>:<ssh tunnel port> --tls --authenticationDatabase admin --username <database username> --password 


Hi @Anurag_Agni

MongoDB Compass can correctly ssh tunnel.

To achieve this without MongoDB Compass a ssh dynamic forwarding can be used along with the proxyHost and proxyPort uri options with mongosh.

# run ssh with dynamic forwarding on localhost:3000
ssh -D 3000
mongosh "mongodb://"

Hi @chris
Thanks for your valuable guidance . Much appreciated. I will test you steps.

I have made entry of individual node in C:\Windows\System32\drivers\etc\hosts file and added bastion ip entry in access list [atlas] ,After that i am able to access individual node from local machine to atlas [thru bastion host via ssh tunneling]