Networking :: IPTables - Cannot Ping Or Access Internal Server
Mar 31, 2010
Basically, I have a Windows 2003 Server virtual machine (VMware) inside Ubuntu 9.10.
The Ubuntu machine has this ifconfig:
Code:
sam@sam-laptop:~$ ifconfig
eth0 Link encap:Ethernet HWaddr 00:15:c5:b8:c8:8b
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
Interrupt:17
Why can't I ping or simply access the internal server on my Ubuntu machine from another computer on the 192.168.1.0/25 physical network? Do I need a bridge? Iptables?
View 4 Replies
Mar 17, 2010
I have a VPS running Karmic (9.10).
I can ssh it and it serves :80 (http traffic) very well.
I have followed the tutorial from here: [URL]
I would like to ask what should I do in order to get ping to that machine working? (now I can't ping it, I get timeouts)
Code:
misha@tataata:~$ sudo iptables -L
[sudo] password for misha:
Chain INPUT (policy ACCEPT)
target prot opt source destination
[Code].....
View 4 Replies
Dec 13, 2009
I've got two routers, 10.0.0.0/23 and 192.168.2.0/24, which are joined by a Linux box with interfaces eth0 (10.0.0.2) and ra0 (192.168.2.2). I've got masquerading for ra0, and a route to 192.168.2.0/24 on 10.0.0.0's router. I CAN ping hosts on 192.168.2.0 from 10.0.0.0 just fine, but I CANNOT access web pages. Strangely, if I enable masquerading on eth0, and add a route to 192.168.2.0's router to 10.0.0.0, I can ping AND access web pages from 192.168.2.0. Here is my current iptables:
Code:
*filter
:INPUT ACCEPT [0:0]
[code]...
View 14 Replies
Jan 24, 2010
I'm running my own PPTP server, but I can't get it to access the internet. All my PCs at home run in the 192.168.0.0/24 net, the PPTP server has local IP 192.168.0.5 and remote IP 192.168.0.80-99. The router to the internet is at 192.168.0.1, and the IP of eth0 on the machine where the pptpd runs is 192.168.0.4. I want to be able to connect to the internet through that VPN and access my local LAN servers (which works fine so far). I can ping internet and local IPs successfully, but cannot access them with a browser, or connect to them in any other way. I have 'accepted' all in/output and forwards.
I am running a Squid proxy on the same machine, and if I do:
iptables -t nat -A PREROUTING -j REDIRECT -i ppp0 -s 192.168.0.0/24 -p tcp --dport 80 --to-port 3128
I can access the internet through Squid, but of course Jabber/ICQ etc. won't work then because it just refers port 80. But I want the PPTP clients to connect to the internet directly; if I don't use that rule it's not possible to load any pages. But pinging works all the time. DNS is also working fine, but I can't even access webpages via IP directly. How can I allow the PPTP IPs 192.168.0.80-99 to get direct access to the internet with iptables?
View 3 Replies
Jan 28, 2009
cannot ping internal network
I am a new user to Linux, but in the last couple of months I have gained some idea about it. I am trying to set up a small network in my office having 3 Windows XP PCs and two Fedora 10 PCs. I have an ADSL router with a 4-port hub connecting to the internet; one switch (say sw1) and one Linux PC (say linux1) are connected directly to the router, and the three Windows XP PCs are connected to switch sw1. All the above is working fine: I am able to get connected to the internet on all the systems, and able to network among all the above four. Now I want to make linux1 a proxy server, hence I added another network card to it and connected it to another switch, sw2, which is connected to another Linux PC (say linux2).
I have tried a hundred things, and googled an equal number, and am finally posting it here. In order to reduce confusion I have disabled DHCP on all machines and given static IPs instead. NetworkManager was not happy about it, hence to fix my static IP I disabled NetworkManager ('chkconfig NetworkManager off').
View 10 Replies
May 31, 2011
CLIENT A - 10.10.10.2
|
ROUTER - eth0 - 10.10.10.1
ROUTER - eth1 - 10.10.20.1
[Code]....
Everything is working fine and CLIENT A can talk to CLIENT B and vice versa, with only one problem - CLIENT A cannot ping 10.10.30.1.
I checked routing several times, there is no NAT and firewall is disabled on the SERVER.
CLIENT B can ping and access any device in the diagram. CLIENT A can ping and access any device in the diagram too, however cannot ping eth1 of SERVER (10.10.30.1). ROUTER can ping any device in the diagram except eth1 of SERVER (10.10.30.1).
If I launch 'ping 10.10.30.1' from CLIENT A and run tcpdump on SERVER eth0 I see no hits at all. If I launch 'ping 10.10.30.1' from CLIENT A and run tcpdump on SERVER eth1 I see ICMP requests coming from CLIENT A but no replies.
It doesn't look like a routing problem because clients A and B can communicate with each other. Also, we have around 20 similar installations but this is the first time CLIENT A cannot ping internal interface of SERVER.
View 2 Replies
Jun 1, 2011
I have set the firewall for the CentOS server at 192.168.1.21 like this.
It has a gateway of 192.168.1.2.
iptables -P INPUT DROP
iptables -A INPUT --in-interface lo -j ACCEPT
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -p tcp --destination-port 22 -m mac --mac-source 00:0F:EB:91:00:01 -j ACCEPT
iptables -A INPUT -p tcp --destination-port 80 -m mac --mac-source 00:0F:EB:91:00:01 -j ACCEPT
The MAC source is my laptop's MAC address. But when I try to ping from my laptop at 192.168.0.2 (my gateway is 192.168.0.1 but shares the same server that has 3 network gateways, including the gateway for the CentOS server), it failed. What should I do to enable this ping? I also cannot connect to the CentOS server unless I change my IP to 192.168.1.x and the same gateway as the CentOS server. Can someone suggest what I should modify in my firewall to enable connection to the CentOS server from my 192.168.0.2 laptop? Is that related to NAT and the FORWARD chain in the firewall of the CentOS server?
View 2 Replies
Dec 28, 2010
If I try to ping a host on my internal LAN from my Ubuntu notebook the host name never resolves, but if I ping www.domainname.xxx it will resolve because our DHCP server is set up as the DNS server too. If I use the connect to server tool and select Samba share and specify the host by name, it can resolve that and the shares show up... same DNS server, same machine, but different interface/program. My real reason behind this is because my synergy+ keeps falling over whenever the synergy server's DHCP lease expires and it gets a new I have to then specify the new address and change configs.
View 3 Replies
Mar 22, 2010
How to do NAT in iptables? I am trying to NAT public IP:port to internal IP:port (202.a.b.c SMTP to 172.16.1.169 SMTP).
View 14 Replies
Jun 1, 2010
I want to ssh to a PC in our home network. It is a standard network in terms of a DSL router, dynamic IPs via DHCP, WPA2/PSK security, and wireless network connection for all PCs except one which is wired to the router. I got the error "no route to host" from ssh. Openssh-server was already installed. It turned out later that the laptop I want to ssh to (namely the one which is connected by cable) cannot be pinged by any other laptop on the network.
The pc in question (lucid lynx with most recent updates) is online, can ping itself and the router, but cannot ping others in the network and cannot be pinged by them. I suspect a firewall setting of being the problem.
View 1 Replies
Nov 26, 2010
Currently, I use Fedora 10 and have the following trouble. My network:
route(10.11.10.2/24)----eth0----(10.11.10.105/24)Fedora10(172.16.239.1/24)----vmnet0----(172.16.239.2/24)Virtual Machine XP2.
I used: VMware 6.5.1, Virtual Machine: Windows XP SP2.
[code]...
View 1 Replies
Nov 21, 2010
My Ubuntu box has 3 interfaces: eth0 (Internal 192.168.1.0/24), eth1 (External ISP DHCP), eth2 (External ISP Static IP). I need the outgoing traffic to the internet for 1 of the internal PCs (192.168.1.10) to only go through eth2.
View 4 Replies
Apr 29, 2010
So, I have a virtual machine running CentOS 5.4. It sits behind a hardware firewall which also does NAT'ing. I've set up plenty of these, so I know for sure the firewall and NAT rules are set up correctly. From the host, I can ping anything in my subnet and the gateway. But I can't ping anything else beyond the gateway. I can perform DNS queries and when I try to ping, it finds the appropriate IP address. But from the outside, I can ping the PUBLIC address (it's a 1 public to 1 private address NAT, not 1 public to multiple private). I've tried it with iptables on and off, with no change.
View 11 Replies
Jul 15, 2011
I am using a virtual machine, where I need to ping from one machine to another. Earlier I was able to ping. But after going to google.com once, I cannot ping back to this machine.
But if I give ping -I eth1 <IP> then I can ping.
I cannot install any package, so tell me a solution which does not include installing any package.
View 2 Replies
Aug 28, 2010
I am in the process of setting up my own Linux gateway/firewall using two NICs, eth0 (external network) and eth1 (internal network). The Linux gateway hands out IP addresses using dhcp3-server, and uses iptables to route the traffic correctly. Clients are able to connect and access the internet... everything is working great, HOWEVER I can't access my Apache virtual hosts websites from the internal network. They work just fine if I access them from the outside world.
I can type the IP of the web server, 192.168.0.201, and it shows the first virtual host listed in my /sites-enables/000-default folder, but I can't use any DNS entries. I don't have any internal DNS servers running. This doesn't make sense, because if I replace the Linux firewall/router with my normal Linksys WRT54G router it works just fine.
View 4 Replies
Jan 5, 2010
I have a Compaq Presario R3000 with Ubuntu 9.10 32 bit that I just installed last night. I'm using a Zyxel G-102 Wireless card and Actiontec GT701WG wireless modem.
When I try to connect to the 'net, the network does show up and it connects strong (100%). It also shows multiple neighbors' networks. It pings at 99% success (with over 900 sent as I write this) but when I open Firefox it can't connect, it just times out. I've used WEP security and have switched off security as well. I tried hooking up to the modem via USB and get the same result. It acts like a firewall issue but there isn't one installed, at least that I can find, and the firewall in the modem is off. I ran FF as root with gksu firefox as suggested in another thread. I tried www.ubuntu.com and the header loaded but that was all. Then it timed out.
I'm new to Linux but have used Puppy Linux with this machine and card, etc. so I know it can/does work with Linux. I wanted a more refined distro and chose Ubuntu.
View 9 Replies
Mar 23, 2010
Trying to access 67.15.245.6 (it's a forum site). I can't get to it from home for over a month now. I can't ping it, but I can ping obvious things like Google. Tracert isn't working at all. Once it hits the lightspeed.frokca.sbcglobal.net hop it just dies like ATT isn't allowing traceroutes. I've been using Tor as a workaround. About 3 months ago I basically had the same issue with openbittorrent.com's site.
I have a Linux server and a Windows XP box. I can't ping the above IP nor tracepath/traceroute to the IP from my Linux box.
I have ATT U-verse.
EDIT: The site is hometheaterlounge.com (The IP won't do you much and it's just the IP of the site host).
View 5 Replies
Mar 14, 2009
I just downloaded and installed the latest Cent OS 5. I disabled SE linux, turned off the firewall, and selected the Server package options when installing. I plan on using this as a router/firewall between my internal network and the internet, as well as web server, etc. The first thing I did was to configure the two NICs, internal one with 192.168.7.1 address and the other with an address from my ISP (I have a static address, but I also tried to let the DSL router assign an address via DHCP). Everything looked fine, I checked /etc/resolv.conf and my routes. I was able to ping the DSL router from the server, but I was not able to do a ping or lookup on anything outside my network. I tried host, dig, nslookup, etc, no luck. Obviously then, I was not able to browse the net with firefox.
View 4 Replies
Aug 3, 2011
I have a server located remotely that I'd like to protect by allowing access to only my IP address (on any port). Currently anyone can access the server using ssh, http, and any other services that my server is running. (The reason I need to protect it for now is that it's a test/development server and really only needs to be accessed by me.)
The downside of doing this is every time my desktop IP address changes (from where I access the remote server), I would need to update the iptables configuration. (This could be a hassle, but based on my limited knowledge it seems to be the best way to allow access from only myself.)
Could anyone share how to allow access to my server using iptables from only my IP address and on any port?
View 4 Replies
Apr 20, 2010
I'm not sure is this is possible or not, but what I would like to do is take my public address mydomain.com and configure a virtual host something.mydomain.com only instead of having the content on the same server I would like it to point to the IP of my virtual machine that is in my private network and display that page publicly. Does anyone know if this is possible, or how to do it? I have done this with port forwards, but would like them both to be on the same port.
View 3 Replies
Jul 2, 2010
I can ping 192.168.10.104 but can't access it graphically. I am using Firefox. The distro is Ubuntu. I do //192.168.10.104:9345, but it gives no response. Can you help me? I am using a direct connection.
View 6 Replies
Jan 20, 2011
I'm curious but recently I was troubleshooting some iptables rules to allow nfs clients access to my nfs server. What was strange was that I setup a tcpdump session on my nfs server so that I can see which ports were being requested. I ran several tcpdump sessions with the following filters in place.
tcpdump -vv src ip_of_client and dst _ip_of_client
tcpdump -vv src hostname_of_client and dst hostname_of_client
However, the only packet I ever saw come over the wire to me was the client host asking for an ARP resolution. Anyhow, I finally just ran 'rpcinfo -p' and added those ports to my iptables rules and it worked great. However, I would like to understand how NFS works in case I need to troubleshoot it in the future. I do understand that NFS uses portmappers; would this explain the behavior?
View 1 Replies
Jul 9, 2010
I am trying to lock down our application and server with iptables. Anybody have any idea how to prevent access to the application from another application? Basically I opened up ports 80 and 443 for the application server. However, the application points to other apps (i.e. database, LDAP). I want to limit what it can connect to or who can connect to it. Basically I can limit who connects to the server itself but the application can still get input from outside servers.
View 4 Replies
Apr 25, 2010
Just wondering if it is possible to block web access on a certain ip address with iptables.
I've seen guides for blocking web traffic on a whole network but I want to just block a single host from accessing the web.
View 14 Replies
Sep 26, 2009
I'm using Fedora Core 11 and the client OpenVPN on the network-manager into a segmented infrastructure. It works well.
My laptop is on a DMZ wireless zone 192.168.3.0/24 and accesses the Internet through a firewall via a front-end zone 192.168.65.0/24 with the wlan0 interface.
But my laptop can access a server on a back-end zone 192.168.2.0/24.
When I start the OpenVPN tunnel, I cannot access my back-end zone because the kernel routing table is modified (all the traffic is routed through the tun VPN interface).
If I define a static route like route add -host 192.168.2.x gw 192.168.3.2 where x is my file server, I cannot connect to this server because the routing is made through the tun interface and not by wlan0, which can access its gateway.
I want to know where to change the kernel routing table to access the Internet and my back-end zone at the same time.
View 4 Replies
May 13, 2010
I could not handle/circumvent in the past week, despite several "googling" sessions and reading of documents. I will try to mention all needed bits... I'm managing a network with the following structure:
eth0: internal net
eth1: DMZ
eth2: 10 mbit/sec sync line with eight public /29 IP's + a /30 interconnection network. All public IP's must use the interconnection's network gateway.
eth3: ADSL with PPPoE with fixed IP (ppp0).
Now, a few extra info:
- All internal traffic is routed through ppp0 except when it's destined for DMZ and public IP's range.
- DMZ traffic is routed either through ppp0 or eth2. This is done by source IP.
- eth2 has on IP from the interconnection network, and six public IP's are also defined on eth2. Command: "ip addr add ...."
[code].....
View 6 Replies
Jan 22, 2009
Presently this client accesses the net through the following setup:
ADSL modem -> hub -> all computers
Now they want to do some kind of bandwidth control, content filtering. So I tried setting up squid with dansguardian. This is what I did
ADSL -> linux server -> all computers.
The linux server has two NIC cards. One to the ADSL router and another to the local hub. This is how my squid.conf file looks like
http_port 3128
acl ubc src 192.168.1.0/255.255.255.0 (for subnet)
http_access allow ubc
I have set the gateway server as 121.x.x.1, which is the gateway server of the ISP. Now I can ping the local network, but can't ping the gateway or any other website. Also I am unable to access the router administration page.
View 2 Replies
Feb 17, 2010
We have set up an Exchange server at a remote location and while testing I am facing the following issue:
1. While configuring Outlook, it's not able to reach the Exchange server, which is hosted at a third party and is reachable from everywhere except my local network.
My local network is as follows:
Local LAN on private subnet - Gateway+Firewall (iptables) with two interfaces (private and public) with NAT - Internet connectivity.
Whereas the Exchange server is set up at a data center and accessible from the internet.
I need to know what rules are required for users to configure Outlook with Exchange 2010.
Rest of the things are working fine (Internet connectivity, Exchange OWA access).
View 4 Replies
Feb 10, 2010
How can I configure sendmail to use 2 different configurations of virtusertable depending on whether access is being made from inside or outside the institution?
View 5 Replies
View Related
Feb 27, 2009
At first I installed Debian 5, and I want to join my workgroup of Windows XP PCs while using a firewall at the same time. Now, when I stop the firewall I can access the PCs, but when I start iptables and open the ports for Samba, such as 137,138,138 and 445, I can't access any PC in the workgroup. This is the output of the iptables -L command:
Code:
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT udp -- anywhere anywhere udp dpt:netbios-ns state NEW
ACCEPT udp -- anywhere anywhere udp dpt:netbios-dgm state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:netbios-ssn state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:microsoft-ds state NEW
Chain FORWARD (policy DROP)
target prot opt source destination
Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
View 6 Replies