Fedora Networking :: Port Forwarding Not Working?
Apr 23, 2009
I am running Fedora Core 10 and KDE 4.2.1. My KTorrent is having trouble finding online peers lately. I suspect this is a port forwarding issue. I have set up my router to forward port 4444 (UDP) and port 56000 and more (TCP) to my machine's IP address. I have also set my local firewall (system-config-firewall) to allow these ports through.But when I try to test ports 4444 and 56000 via this Open Port Check Tool, it tells me they are closed
View 6 Replies
ADVERTISEMENT
Jan 28, 2011
I've used iptables since it replace ipchains, and I've never had a problem like this.The problem is, as you can see by the title, that port forwarding simply does not work.
network topology:
Slackware Linux Server:
eth0 - LAN (192.168.0.0/25)
eth1 - DSL Static IP
eth2 - cable Static IP
eth1 is our standard office connection; it handles all of our default traffic (web browsing for the staff, email, etc). eth2 is our VPN connection, as well as use for all incoming connections (www, etc). Behind the linux box I have a series of Windows Server 2008 R2 boxes that are used to run our office software, website, etc - I don't care how nice they make their products these days, I simply don't trust any MS box open to the net.
Therefore, this leaves me with having to port forward port 80 from eth2 to the internal IP address of the web server.
My ruleset is as follows:
$WWW - ip address of the web server
iptables -A FORWARD -d $WWW -p tcp --dport 80 -j ACCEPT
iptables -t nat -A PREROUTING -i eth2 -p tcp --dport 80 -j DNAT --to $WWW
Running ip route shows that I have routing entries for all 3 networks, and I can ping, ssh, etc to any of the addresses without issue. OpenVPN connects across eth2 as well, and all 15 of my VPN tunnels work fine. However - and here's the kicker - if I delete the default route and replace it with the route for eth2, port forwarding works fine.
If we accept that my networks are as follows:
192.168.0.0/25 - eth0 net, gw .1
1.1.1.0/29 - eth1 net, gw .1, eth1 ip .2
2.2.2.0/30 - eth2 net, gw .1, eth2 ip .2
then ip route reveals the following:
2.2.2.0 via 2.2.2.1 dev eth2
2.2.2.0 dev eth2 scope link src 2.2.2.2
1.1.1.0 dev eth1 scope link src 1.1.1.2
[code]....
View 7 Replies
View Related
Dec 12, 2009
I have just set up shorewall on my router running Arch Linux. The external network is on eth0 and the internal network on eth1.I have set it up for masquerading and that works fine and I can open ports to the firewall. But I'm having trouble with port forwarding to my internal machines.The problem I have is that when port 22350 is forwarded to 192.168.1.3 on my local network, checking the port with nmap from a remote computer gives me:
Code:
PORT STATE SERVICE
22350/tcp closed unknown
[code]....
View 2 Replies
View Related
Feb 18, 2010
I was trying to setup port forwarding on my setup. My network consists of:
Code:
[Server: xxx.xxx.xxx.15]
|
|
[ switch ]
[code]....
I ran the following 2 commands:
# iptables -t nat -A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j DNAT --to-destination xxx.xxx.xxx.15:80
# iptables -A INPUT -i eth1 -p tcp -m tcp --dport 80 -j ACCEPT
Yet I am unable to connect. Are these the correct commands? I am using IP Masquedering on the same box using the following commands:
Code:
$IPTABLES -P INPUT ACCEPT
$IPTABLES -F INPUT
$IPTABLES -P OUTPUT ACCEPT
[code]....
I don't think there is a hidden firewall in the switch but if these commands are correct, then I may need to contact my ISP and see if they are blocking the commands. I just wanted to make sure I was not doing some stupid mistake before I try to contact my ISP.
EDIT: Also, is it possible to forward Port 80 requests to different servers depending on the hostname used to connect, so say [URL] redirects to server xxx.xxx.xxx.15 while hhh.com redirects to xxx.xxx.xxx.16?
View 3 Replies
View Related
Mar 22, 2009
I have a question regarding port forwarding. I have a fedora server, with two eth cards: eth0 ---> external IP, eth1 ----> LAN IP I use SNAT for connection sharing. I also have an internet domain hosted on this server... let's call it [URL] Anyway, one of our computers in the LAN has some kind of web server on it, which must be accessed from the internet on the port 23700.
So, using iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 23700 -j DNAT --to 192.168.1.25 (the IP of the network computer) Everything works perfectly fine from outside the lan. When I type [URL], I connect to that computer. My problem is that inside the lan, typing [URL] does not work! It only works if I enter it by IP 192.168.1.25:23700 Is there any way to make the server forward my request to that specific computer even if I'm inside the LAN?
View 3 Replies
View Related
Mar 31, 2011
I'm trying to implement remote NFS in our network
So I read a lot of posts on the Internet, but I don't understand which ports I have
to open/forward for this.
On some posts I see a lot of ports, I don't want to do this.
If this is the case, and I would set up NFS through an ssh tunnel, then do I only need the ssh port and does this mean it will always work if the server is reachable through ssh?
Or is this wishful thinking ?
View 4 Replies
View Related
Feb 10, 2009
I've recently installed OpenVPN on my dedicated server (Fedora) in order to have full internet access for all of my WinXP clients. In case somebody is interested in the details of the OpenVPN installation, I followed this documentation: Rootserver-as-OpenVPN-Gateway. The installation runs quire nicely, I'm able to surf the net and even file-sharing programs work on the XP clients - at least to some extent. There is a slight problem though: the file-sharing programs complain that they have a "NAT problem" or that they are "Firewalled".
Most likely, this problem can be addressed by configuring remote port forwarding (RPF) on the server. The only routing rules which I've added on the server during the OpenVPN installation are these:
Code:
# initialize natting for openvpn
iptables -t nat -F POSTROUTING
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -o eth0 -s 10.66.66.0/24 -j MASQUERADE
Let's assume a certain application on a client is listening on e.g. port 1234. How do I configure RPF for this port on the server side.
View 1 Replies
View Related
Oct 29, 2010
I have a set up with a computer that has two network cards and is connected to two networks. Both networks connect to the internet via separate routers that have DHCP enabled. I can set one of the routers up to do port forwarding to the computer without any complications but if I want to do the same on the other router the port forwarding from it doesn't work and I can't reach the system.
I know for a fact that the services are accessible from both networks and both routers can forward ports to other computers in their network. The networks are 10.10.0.1/24 and 172.22.0.1/24. I've tried turning off iptables but that didn't change anything.
Is there any kind of setting that could prevent the interface on the computer to reject traffic using NAT or something?
If I disable the interface on the working network (ifdown eth1) then suddenly eth0 on the other networks starts accepting requests sent to it via the router that does the port forwarding. I do however want to emphasize that services work just fine as long as the requests originate from either of the networks they are on.
View 3 Replies
View Related
Aug 7, 2010
When I use the following command:
ssh user@ssh_server -L 5500:localhost:5500 -p 22
everything works fine. I can log in, and local port forwarding is done. Otherwise when I use the command:
ssh user@ssh_server -R 5500:localhost:5500 -p 22
I get an error "remote port forwarding failed for listen port 5500". However when I try remote port forwarding in WinXP by use of putty there is no problem...
View 2 Replies
View Related
Feb 7, 2010
I am setting up Apache (Fedora 12) inside my home network. From inside my home network I access it without any problem. I need to set it up to access it from internet. I have the following questions. Here is temporary setup for testing purpose.
Internet-->ADSL modem (SEIMENS Speed Stream 4200)---> Apache (Fedora 12)
1. Do I have to do any kind of ports forwarding on ADSL modem. (There is no option to do port forwarding on Modem) May be I need different Model of Modem??
2. I tired to Ping my real IP for modem form another computer from internet. I am even unable to PING the ADSL 's real IP. Why it is that?
View 6 Replies
View Related
Jul 14, 2011
I want to set my ip as static and port forward it through a specific port can anyone help me with this im using ubuntu 10 with 64 bit OS
View 1 Replies
View Related
Mar 25, 2010
I have a mail server on which I would like to block port 25 on my eth0 for everyone except our external spam filter. the problem is that I want our users to be able to connect via port 10025 which is forwarded to port 25, which then is blocked...
View 2 Replies
View Related
Oct 24, 2010
I had to add them to my firewall script when I installed openvpn on my dd-wrt router:
iptables -I FORWARD -i br0 -o tun0 -j ACCEPT
iptables -I FORWARD -i tun0 -o br0 -j ACCEPT
iptables -I INPUT -i tun0 -j REJECT
iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE
what should I add/change to set up port forwarding of port 1000 to ip 192.168.1.200. also how to get the answer sent by 192.168.1.200 follow the same route used by the data received through port forwarding.
View 1 Replies
View Related
Mar 8, 2011
I am using Fedora 14 x86_64 as the host and Windows XP under VirtualBox 4.0.4. I have added two ports (TCP and UDP) to the firewall settings in 'other ports' in the Fedora firewall setings. Do i need to do this?I noticed the port forwarding option in the Fedora's firewall settings which asks for either the ports to be forwarded to either local or an ip address. Do i need to do anything here?
In the settings under VirtualBox under Network adapter 1 (which is enabled) and attached to NAT, there is a port forwarding option in the advanced settings. Can the host and the guest port be the same number? If i use 'open port checker' to check if the tcp port is open in windows xp, will it work as it does in firefox under Fedora?
View 2 Replies
View Related
Mar 26, 2010
I have the following setup and Im trying to forward all incoming connection on port 1194 on eth2 which is the external network to ip 192.168.10.100, but seems its not working.
Current config:
# Generated by iptables-save v1.3.8 on Sun Nov 16 00:00:54 2008
*nat
:PREROUTING ACCEPT [26751696:2175544875]
:POSTROUTING ACCEPT [339911:19096812]
[code]....
plus im adding the prerouting:
iptables -t nat -A PREROUTING -i eth2 -p tcp --dport 1194 -j DNAT --to-destination 192.168.10.100
This configuration doesnt work. I also I have tried:
iptables -D PREROUTING -t nat -p tcp -d XX.XX.XX.XX --dport 1194 -m state --state NEW,ESTABLISHED,RELATED -j DNAT --to 192.168.10.100:1194
and the same its not working. Connecting thru telnet to the domain: telnet mydomain.org 1194 doesnt work, but within the server, running telnet 192.168.10.100 1194 it works.
View 8 Replies
View Related
Jul 17, 2009
I am using ubuntu 8.40 as a router wit 2 nic.eth0 is for local and eth1 is for external network.i have a internal webserver in my lan and want to forward some ports to the net and i executed te following commands.
iptables -t nat -A PREROUTING -p tcp -i eth1 -d 192.168.0.239 --dport 8080 -j DNAT --to 192.168.10.99:8080
iptables -A FORWARD -p tcp -i eth1 -d 192.168.10.99 --dport 8080 -j ACCEPT
But i cant connect to the port 8080 from the external network.
View 11 Replies
View Related
May 17, 2011
I have two SUSE(2.6) virtual machines running in the same subnet with two network cards each as shown below.
VM1------------------------------------------------------------------------------
appstage1:~ # ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:22:5A:24
inet addr:192.168.128.12 Bcast:192.168.128.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe22:5a24/64 Scope:Link
[Code]....
Ultimately my DB will run in VM2 and any DB requests coming in at 2055 of VM1 should be forwarded to port 2055 of VM2. Since I do not yet have a DB running I am trying to test with netcat.
View 5 Replies
View Related
May 7, 2011
I've had Debian on my laptop for around 4 months which I rarely use. I'm using Squeeze since it seems to be the only release that will work with my ethernet card.The internet had been working fine for a couple of months but broke when I tried to allow port forwarding for torrents. I could only connect to the internet after this by using:
iptables -F
iptables -X
iptables -t nat -F
[code]....
View 2 Replies
View Related
Nov 21, 2010
I have a ubuntu 9.10 on my desktop in my office and I have another ubuntu on my home desktop. Both machines are behind a router. I guess many people have already asked the same question: how to remote control the office desktop from my home desktop?Many posts discussed about solving this by setting up ssh and port forwarding. But my situation is that I cannot control the router in my office so I cannot set up any port forwarding for my office desktop. So I guess my question becomes how to remote control my office desktop without setting up any port forwarding on the office router.
View 3 Replies
View Related
Mar 26, 2011
I currently use a commercial VPN when working overseas for secure internet access.
I now also need to VNC to a home ubuntu desktop (which runs software 24/7 that I need to periodically check).
When overseas, I use a Ubuntu laptop and an Android tablet.
For the VNC I intend to use an SSH tunnel. So my question is: should I ALSO set up openVPN on the home computer (so I can stop paying for a commercial provider which routes all my traffic twice across the Atlantic...) or is it easier/better to use the SSH tunnel for the secure webbrowsing too? Something like a SOCKS proxy?
View 8 Replies
View Related
Jan 8, 2010
We have one linux machine in the office which happens to be an important firewall. I just know the basics and need to make one changeEssentially it is forward mysql traffic to another internal machine.This is the original rule (forward to 192.20.0.17) which is working
Code:
$IPTABLES -A tcp_packets -p TCP -s 0/0 --dport 3306 -j allowed
$IPTABLES -t nat -A PREROUTING -p TCP -i $INET_IFACE -d $STATIC_IP --dport 3306 -j DNAT -
[code]....
View 2 Replies
View Related
Mar 23, 2011
I have my mail application running on xxxx port in IPv6 and IPv4 enviornment on Linux machine (RHEL 5).I want to forward IPv4 request comming from windows client
View 2 Replies
View Related
Aug 14, 2010
I have a CentOS box which is Internet Facing. It has 3 LAN's connected to it which are for virtual machines.
I want to port forward port 445 to a machine on one of the LAN interfaces. I have tried various ways to get it done, but still cannot access that port from the interface. I definately know device hosting port 445 is live, as I can ping it from the CentOS box and use lynx to access it! (It's a web server)
iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 445 -j DNAT --to-destination 192.168.0.2:445
View 6 Replies
View Related
Jun 7, 2010
I've been Googling about port forwarding iptables and even though there's result and I've applied it in my script, I can't make iptables forwading request to another machine so I decided to ask help.
eth0 is my Internet Interface (1.2.3.4 is the public ip)
eth1 is my Lan Interface
eth2 is my DMZ Interface
[code]....
View 14 Replies
View Related
Feb 3, 2010
I have two PC's, one with slackware and one with arch, and I am trying to access the web server from the archlinux machine but i haven't manage to do that. The archlinux machine is connect to the internet via the slackware machine via a crossover cable:
internet > eth0 (pc1) and ppp0 (the PPPoE connection, pc1) > eth1 (pc1) > eth0 (pc2)
PC1:
ifconfig eth1 192.168.0.1 netmask 255.255.255.0
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
iptables -A FORWARD -i ppp0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i eth1 -o ppp0 -j ACCEPT
pc2:
ifconfig eth0 192.168.0.2 netmask 255.255.255.0
ifconfig eth0 up
route add default gw 192.168.0.1 eth0
/etc/resolv.conf (The same DNS as the first PC)
And now the internet is working and on the archlinux machine, but I am not able to access the web server from LAN with a public IP. I tried many iptables port forwarding commands but none worked.
View 14 Replies
View Related
Mar 4, 2009
I have the wake on lan option enabled on my debian computer. If i wake it by sending:
-mac adres
-internal ip in my home network
-subnetmask
-port 7
It all works fine, but when i try to do it from outside my network and change the ip address to the router adress it wont go on. I have also opened the port 7 in my router.
View 6 Replies
View Related
May 6, 2011
I have a server running debian squeeze and kvm to virtualize a Windoze box. It's setup to use NAT. This is because of limits on the network by the admin and unfortunately, there isn't a way to get around this.
View 1 Replies
View Related
Jul 24, 2010
Have router running Fedora 11 with eth0 - Internet (with static IP) and eth1 - LAN using IP 192.168.0.8.
I want to contact over RDP my Windows 7 machine, so I added to iptables:
But this won't work.
View 9 Replies
View Related
Jan 15, 2010
I've setup dynamic port forwarding using Putty, SSH and Firefox.All works well when visiting normal websites (servers listening at port 80). But why can't I visit https websites?Nothing seems to be happening when I visit those.
View 2 Replies
View Related
Jan 31, 2010
I have a script to establish a reverse tunnel with other machine,My problem is to stop the tunnel. If I just kill the PID at sshtunnel.pids, ssh does not release the ports at the server side, so any new connection will fail for several minutes.Is there any way to signal SSH to exit gracefully?
View 5 Replies
View Related
