Results 1 to 7 of 7

Thread: Network question

  1. #1
    katkota NNTP User

    Talking Network question

    Folks;
    I have 2 SUSE servers similar in all configuration & both on the same network
    (192.168.151.10 & 192.168.151.11) with the same default gateway of 192.168.151.1 and the same netmask of 255.255.255.0 and the same firewall configuration

    the first one works fine and i can ssh to it & i can ping it.

    The problem is with the second one "192.168.151.11", i cannot ping it or ssh to it from any where even from the ones on the same network. But if i'm on that server "192.1668.151.11" i can ping to other ones fine & ssh to any server.

    In other words, the second server can ping or ssh TO any other servers but can not ping it or ssh to it from any where.

    Any help please?

  2. #2
    Join Date
    Mar 2008
    Location
    Phuket, Thailand
    Posts
    27,108
    Blog Entries
    40

    Default Re: Network question

    Check your firewalls.

    Also, ensure your 192.168.151.11 does not have file entries under /home/your-user-name/.ssh that is blocking the ssh connection.

  3. #3
    Join Date
    Jun 2008
    Location
    Kansas City
    Posts
    60

    Default Re: Network question

    I know you're "sure" the firewalls are the same but, to be sure, disable the firewall completely on the .11 box (just temporarily) and see if you can ssh/ping it then... or temporarily add explicit rules to accept icmp and ssh from all interfaces.

    iptables -I INPUT -p tcp --dport 22 -j ACCEPT
    iptables -I INPUT -p icmp -j ACCEPT

    You can remove them after testing by running the exact same commands with -D instead of -I.
    --Khan St Preest

  4. #4
    ab@novell.com NNTP User

    Default Re: Network question

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Agreed.

    And if that doesn't affect anything get a LAN trace from both sides.
    Also make sure you don't have a duplicate IP on the network. If you
    have multiple NICs in either verify they are both sending/receiving
    anything (seems likely they are already).

    Good luck.





    lccts1 wrote:
    | I know you're "sure" the firewalls are the same but, to be sure, disable
    | the firewall completely on the .11 box (just temporarily) and see if you
    | can ssh/ping it then... or temporarily add explicit rules to accept icmp
    | and ssh from all interfaces.
    |
    | iptables -I INPUT -p tcp --dport 22 -j ACCEPT
    | iptables -I INPUT -p icmp -j ACCEPT
    |
    | You can remove them after testing by running the exact same commands
    | with -D instead of -I.
    |
    |
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.2 (GNU/Linux)
    Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

    iD8DBQFIUe1d3s42bA80+9kRAiT0AJoDJMq9vqOwWxhDx8Tivtg9cJ+K8wCeLyRu
    aY8TPgyuJNhfXweXkiRv4DE=
    =Duz9
    -----END PGP SIGNATURE-----

  5. #5
    katkota NNTP User

    Default Re: Network question

    Thanks guys for your replies.
    I did what you suggested in your replies with no luck.

  6. #6
    ab@novell.com NNTP User

    Default Re: Network question

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    And the LAN trace showed.......

    Good luck.





    ab@novell.com wrote:
    | Agreed.
    |
    | And if that doesn't affect anything get a LAN trace from both sides.
    | Also make sure you don't have a duplicate IP on the network. If you
    | have multiple NICs in either verify they are both sending/receiving
    | anything (seems likely they are already).
    |
    | Good luck.
    |
    |
    |
    |
    |
    | lccts1 wrote:
    | | I know you're "sure" the firewalls are the same but, to be sure, disable
    | | the firewall completely on the .11 box (just temporarily) and see if you
    | | can ssh/ping it then... or temporarily add explicit rules to accept icmp
    | | and ssh from all interfaces.
    | |
    | | iptables -I INPUT -p tcp --dport 22 -j ACCEPT
    | | iptables -I INPUT -p icmp -j ACCEPT
    | |
    | | You can remove them after testing by running the exact same commands
    | | with -D instead of -I.
    | |
    | |
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.2 (GNU/Linux)
    Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

    iD8DBQFIUuVb3s42bA80+9kRApU5AJ4p60FH1SOm6iVQ5xlImO63I4Z0sQCfRIao
    SMd280hw2m+UlvpQrAmNFB0=
    =5Ydk
    -----END PGP SIGNATURE-----

  7. #7
    Join Date
    Jun 2008
    Location
    Kansas City
    Posts
    60

    Default Re: Network question

    Kat, from the .11 box try "ssh localhost" and tell me if it can even ssh to itself.

    also, post your output to "netstat -pan|grep sshd"
    --Khan St Preest

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •