Solved

telnet to local ip not working

Posted on 2001-06-19
8
754 Views
Last Modified: 2008-02-01
I have two network cards installed.  192.168.0.1/24 and 172.0.0.1/24.  I can ping and telnet out on both interfaces.  

Other computers can ping both interfaces.  The problem is that telnetd and httpd are only responding on the 192.168.0.1 interface.  When I try to telnet into 172.0.0.1, I get "Connection refused by remote host".  Same thing happens with http.  Also when I try to telnet to the local IP, I get the same thing and localhost dosn't answer telnet requests either.

I'm running Linux Redhat version 7.1 and there are no restrictions set in the firewall.
0
Comment
Question by:bnewton
8 Comments
 
LVL 40

Expert Comment

by:jlevie
Comment Utility
From the question it looks like this box is intended to function as a firewall/gateway using IPMASQ. Is it set up to use ipchains (the default on 7.1) or iptables? If you are using the default, what does "ipchains -L" and "ipchains -M" show?
0
 
LVL 5

Expert Comment

by:harwantgrewal
Comment Utility
I am not sure But I think the IP doesn't blong to the same group so that why its refused.

Harry
0
 

Author Comment

by:bnewton
Comment Utility
I'm pretty much a Linux newbie so I used the default's and havn't really configured anything yet other then the drivers.  This is the outpuut to that command.

[root@localhost /sbin]# ./ipchains -L
Chain input (policy ACCEPT):
Chain forward (policy ACCEPT):
Chain output (policy ACCEPT):

[root@localhost /sbin]# ./ipchains -M -L
IP masquerading entries

Harwantgrewal, what do you mean by the IP doesn't belong to the same group?


Thanks,
Bill
0
 
LVL 40

Expert Comment

by:jlevie
Comment Utility
I may have made an improper assumption when I read the question. So let me see if I can clarify things.

From within the private network (192.168.0.0/24) you can telnet to the gateway's inside interface (192.168.0.1), but you can't telnet to it's outside ip (172.0.0.1) from within the private network. And I'd expect that you can't telnet to the outside IP of the gateway from the Internet. From within the private network you should only be opening sessions to the inside IP of the box for security reasons. And to allow inbound connections to the gateway from the Internet I believe you'll need to set up a port forward for telnet that points the inbound telnet connection to the inside IP of the gateway.

0
Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 

Author Comment

by:bnewton
Comment Utility
No I'm only trying to telnet to the port on the subnet that I'm attached.  The most puzzeling thing to me is that I can't telnet to the local ip when I'm actually on the server console.  Ie. telnet 127.0.0.1 dosn't work.
0
 
LVL 40

Expert Comment

by:jlevie
Comment Utility
Okay so you are saying that from a host on the network attached to the interface with the 192.168.0.1 IP that you can telnet to 192.168.0.1? Yet from a host on the network attached to the other interface you can't telnet to 172.0.0.1? How about showing me the output of "ifconfig -a" and "netstat -rn", please.
0
 
LVL 2

Accepted Solution

by:
rgirish earned 100 total points
Comment Utility
Bill,

To troubleshoot, lot of things are needed:

1. Did you add the 172.x.x.x interface card after the installation.
2. What does your hosts file look like? does it have an entry for localhost
3. Copy and Paste the xinetd.conf file (maybe the telnet daemon is configured to run on only that interface)
4. Copy and Paste fstab file (got to check if pseudo terminals are mounted)
5. Run ifconfig -a
6. run a traceroute (or tracert from a windows system) from any client on 172.x.x.x network to 172.0.0.1. Copy and Paste the results.

With the help of these answers, we can troubleshoot the problem.

-Girish
0
 

Author Comment

by:bnewton
Comment Utility
Hi Girish, Thanks in advance for your help.

1. Yes, the 172.x.x.x card was added after installation.  I activated the card using linuxconf, but have done nothing else.

2.
[si@localhost si]$ cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1          fwtest localhost.localdomain localhost

3.
[si@localhost /etc]$ cat xinetd.conf
#
# Simple configuration file for xinetd
#
# Some defaults, and include /etc/xinetd.d/

defaults
{
     instances               = 60
        log_type                = SYSLOG authpriv
        log_on_success          = HOST PID
        log_on_failure          = HOST
}

includedir /etc/xinetd.d

4. [si@localhost /etc]$ cat fstab
LABEL=/                 /                       ext2    defaults        1 1
LABEL=/boot             /boot                   ext2    defaults        1 2
LABEL=/home             /home                   ext2    defaults        1 2
/dev/fd0                /mnt/floppy             auto    noauto,owner    0 0
LABEL=/usr              /usr                    ext2    defaults        1 2
LABEL=/var              /var                    ext2    defaults        1 2
none                    /proc                   proc    defaults        0 0
none                    /dev/pts                devpts  gid=5,mode=620  0 0
/dev/hde9               swap                    swap    defaults        0 0
/dev/cdrom              /mnt/cdrom              iso9660 noauto,owner,kudzu,ro 0 0

5.

[si@localhost /sbin]$ ./ifconfig -a
eth0      Link encap:Ethernet  HWaddr 00:50:BA:1A:1D:93  
          inet addr:192.168.0.71  Bcast:192.168.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:496 errors:0 dropped:0 overruns:0 frame:0
          TX packets:495 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          Interrupt:3 Base address:0xa000

eth1      Link encap:Ethernet  HWaddr 00:48:54:6D:C4:76  
          inet addr:172.0.0.1  Bcast:172.0.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          Interrupt:10 Base address:0xc000

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:8 errors:0 dropped:0 overruns:0 frame:0
          TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0

6.
#trace 172.0.0.1

Type escape sequence to about.
Tracing the route to 172.0.0.1

  1 172.0.0.1 4 msec 0 msec 0 msec
#
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
This video discusses moving either the default database or any database to a new volume.
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now