On Tue, 2009-05-05 at 08:07 -0400, Admin@AnythingGoes wrote: > Hello Fedora-list, > > I have a F7 server that has been working perfectly as far as getting > people out into the net. > > But recently, I have needed the capability to access the server FROM > the net. > > I can ping the server, but I cannot SSH in, FTP in or WEB BROWSE in.. > All the appropriate servers are running and are easily accessed from > within the 192.168.1.x subnet.. > > I don't have a router in place between the box and the Net. I am > using a DSL Modem in Dumb/Bridge mode. The Fedora 7 handles the > connection and authentication and acts as a > Gateway/Router/Firewall to the rest of the 192.168.1.x subnet. > > Another point is I DO have a firewall in play (FireStarter) but I have > set a rule so that the IP of the test machine is cleared to come in on > all ports. I have also completely shutdown FireStarter and I still > couldn't access the Server. IPtables is also shut down completely, > so that's not interfering with the connection. > > I am sure it's something grossly simple that I am missing. > Any help would be most appreciated. Some possible diagnostic suggestions: - "netstat -a" will show you which servers are listening, on which interfaces and on which ports. You can use this to confirm that your ssh daemon is listening to the external interface as well as the internal one. - "iptables -L" will show you your current iptables configuration. If the firewall is truly disabled, you should see something like: Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination If you see otherwise, and assuming that the default policy is ACCEPT (as shown above: "(policy ACCEPT)"), then you can flush the rules with "iptables -F" (Warning: flushing the rules with another default policy will result in no packets getting through!). - Review your ssh daemon configuration in /etc/ssh/sshd_config - From the remote machine, test which ports (if any) are listening on the F7 host using a tool such as 'nmap'. If netstat shows that the port is listening, and iptables shows that it's not being blocked locally, it may be that the ISP is blocking access. In that case, consider adding an additional listening port (e.g., 222 or 2222) to the ssh configuration, and accessing via that (ssh -p 222 foo@bar) -- Chris -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
