Solved

telnet to local ip not working

Posted on 2001-06-19
8
760 Views
Last Modified: 2008-02-01
I have two network cards installed.  192.168.0.1/24 and 172.0.0.1/24.  I can ping and telnet out on both interfaces.  

Other computers can ping both interfaces.  The problem is that telnetd and httpd are only responding on the 192.168.0.1 interface.  When I try to telnet into 172.0.0.1, I get "Connection refused by remote host".  Same thing happens with http.  Also when I try to telnet to the local IP, I get the same thing and localhost dosn't answer telnet requests either.

I'm running Linux Redhat version 7.1 and there are no restrictions set in the firewall.
0
Comment
Question by:bnewton
8 Comments
 
LVL 40

Expert Comment

by:jlevie
ID: 6209137
From the question it looks like this box is intended to function as a firewall/gateway using IPMASQ. Is it set up to use ipchains (the default on 7.1) or iptables? If you are using the default, what does "ipchains -L" and "ipchains -M" show?
0
 
LVL 5

Expert Comment

by:harwantgrewal
ID: 6211520
I am not sure But I think the IP doesn't blong to the same group so that why its refused.

Harry
0
 

Author Comment

by:bnewton
ID: 6212572
I'm pretty much a Linux newbie so I used the default's and havn't really configured anything yet other then the drivers.  This is the outpuut to that command.

[root@localhost /sbin]# ./ipchains -L
Chain input (policy ACCEPT):
Chain forward (policy ACCEPT):
Chain output (policy ACCEPT):

[root@localhost /sbin]# ./ipchains -M -L
IP masquerading entries

Harwantgrewal, what do you mean by the IP doesn't belong to the same group?


Thanks,
Bill
0
 
LVL 40

Expert Comment

by:jlevie
ID: 6215141
I may have made an improper assumption when I read the question. So let me see if I can clarify things.

From within the private network (192.168.0.0/24) you can telnet to the gateway's inside interface (192.168.0.1), but you can't telnet to it's outside ip (172.0.0.1) from within the private network. And I'd expect that you can't telnet to the outside IP of the gateway from the Internet. From within the private network you should only be opening sessions to the inside IP of the box for security reasons. And to allow inbound connections to the gateway from the Internet I believe you'll need to set up a port forward for telnet that points the inbound telnet connection to the inside IP of the gateway.

0
Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

 

Author Comment

by:bnewton
ID: 6215304
No I'm only trying to telnet to the port on the subnet that I'm attached.  The most puzzeling thing to me is that I can't telnet to the local ip when I'm actually on the server console.  Ie. telnet 127.0.0.1 dosn't work.
0
 
LVL 40

Expert Comment

by:jlevie
ID: 6216966
Okay so you are saying that from a host on the network attached to the interface with the 192.168.0.1 IP that you can telnet to 192.168.0.1? Yet from a host on the network attached to the other interface you can't telnet to 172.0.0.1? How about showing me the output of "ifconfig -a" and "netstat -rn", please.
0
 
LVL 2

Accepted Solution

by:
rgirish earned 100 total points
ID: 6233729
Bill,

To troubleshoot, lot of things are needed:

1. Did you add the 172.x.x.x interface card after the installation.
2. What does your hosts file look like? does it have an entry for localhost
3. Copy and Paste the xinetd.conf file (maybe the telnet daemon is configured to run on only that interface)
4. Copy and Paste fstab file (got to check if pseudo terminals are mounted)
5. Run ifconfig -a
6. run a traceroute (or tracert from a windows system) from any client on 172.x.x.x network to 172.0.0.1. Copy and Paste the results.

With the help of these answers, we can troubleshoot the problem.

-Girish
0
 

Author Comment

by:bnewton
ID: 6240873
Hi Girish, Thanks in advance for your help.

1. Yes, the 172.x.x.x card was added after installation.  I activated the card using linuxconf, but have done nothing else.

2.
[si@localhost si]$ cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1          fwtest localhost.localdomain localhost

3.
[si@localhost /etc]$ cat xinetd.conf
#
# Simple configuration file for xinetd
#
# Some defaults, and include /etc/xinetd.d/

defaults
{
     instances               = 60
        log_type                = SYSLOG authpriv
        log_on_success          = HOST PID
        log_on_failure          = HOST
}

includedir /etc/xinetd.d

4. [si@localhost /etc]$ cat fstab
LABEL=/                 /                       ext2    defaults        1 1
LABEL=/boot             /boot                   ext2    defaults        1 2
LABEL=/home             /home                   ext2    defaults        1 2
/dev/fd0                /mnt/floppy             auto    noauto,owner    0 0
LABEL=/usr              /usr                    ext2    defaults        1 2
LABEL=/var              /var                    ext2    defaults        1 2
none                    /proc                   proc    defaults        0 0
none                    /dev/pts                devpts  gid=5,mode=620  0 0
/dev/hde9               swap                    swap    defaults        0 0
/dev/cdrom              /mnt/cdrom              iso9660 noauto,owner,kudzu,ro 0 0

5.

[si@localhost /sbin]$ ./ifconfig -a
eth0      Link encap:Ethernet  HWaddr 00:50:BA:1A:1D:93  
          inet addr:192.168.0.71  Bcast:192.168.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:496 errors:0 dropped:0 overruns:0 frame:0
          TX packets:495 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          Interrupt:3 Base address:0xa000

eth1      Link encap:Ethernet  HWaddr 00:48:54:6D:C4:76  
          inet addr:172.0.0.1  Bcast:172.0.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          Interrupt:10 Base address:0xc000

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:8 errors:0 dropped:0 overruns:0 frame:0
          TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0

6.
#trace 172.0.0.1

Type escape sequence to about.
Tracing the route to 172.0.0.1

  1 172.0.0.1 4 msec 0 msec 0 msec
#
0

Featured Post

Save on storage to protect fatherhood memories

You're the dad who has everything. This Father's Day, make sure your family memories are protected. My Passport Ultra has automatic backup and password protection to keep your cherished photos and videos safe. With up to 3TB, you have plenty of room to hold the adventures ahead.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
This is a video that shows how the OnPage alerts system integrates into ConnectWise, how a trigger is set, how a page is sent via the trigger, and how the SENT, DELIVERED, READ & REPLIED receipts get entered into the internal tab of the ConnectWise …
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

948 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now