Solved

Cannot connect to a specific host using Linksys E1200

Posted on 2013-06-06
12
1,004 Views
Last Modified: 2013-06-18
I just bought a new Linksys E1200 Wi-Fi router. For the most part, it works fine. I normally connect to several remote hosts on port 22 via ssh, WinSCP and Putty. I can connect to all these computer w/o problem ... except to one specific host! I have several computers on my home LAN and none of them can connect to this host. They can connect to all the others, but not this one. Putty gives me "Network Error. Connection timed out." ssh gives me, "ssh: connect to host port 22: Connection timed out." I know it has something to do with the router because when I put the old D-Link back in, all computers can then connect to this host. I tested this with more than one router and they all let me connect to that remote most, except the new Linksys.

The Linksys has a diagnostic page. Pinging the host/IP (96.11.168.98) from the Linksys gives 100% data loss. Traceroute from the Linksys gives "request timed out."

I have been working with and configuring network devices, home and business, fora long time and this is the first time I have ever seen a router refuse to connect to a specific address w/o being in some kind of block list. If this router has such a list, I have not found it. I've disabled the Linksys firewall.

I have absolutely no clue what could be wrong. Does anyone have an idea? I'm not going to waste much time on this. If I can't get it working I'll return the device.

THX
0
Comment
Question by:jmarkfoley
  • 7
  • 5
12 Comments
 
LVL 3

Expert Comment

by:phoenix5ire
Comment Utility
You have verified if port 22 is open on the host that can't be connected?

Make sure the host has Internet connection and do this test on the problematic host: open up command prompt, type:
telnet lrd.avss.ucsb.edu 22

If Port 22 is open, you will see a line containing SSH. If not, you will get a 'no connect' message.

Hope this helps.
0
 
LVL 1

Author Comment

by:jmarkfoley
Comment Utility
> You have verified if port 22 is open on the host that can't be connected?

Yes, it's open because, as I stated, if I use a different router I connect OK. Also, I can connect to one of the other hosts, then connect to the "problematic" host via ssh. You can try it yourself. I've put the IP in my original message.

> do this test on the problematic host ...

That test works fine:

$ telnet lrd.avss.ucsb.edu 22
Trying 128.111.147.200...
Connected to lrd.avss.ucsb.edu.
Escape character is '^]'.
SSH-2.0-OpenSSH_5.4p1 FreeBSD-20100308
^]
telnet> quit
Connection closed.

 I can also connect from the remote "problematic" host to any host. I just cannot connect from this Linksys router to that host.

I also have this router port-forwarding to a linux host on the local LAN. I can get to this host from any remote host, but not from "problematic" host. Again, that specific host appears to be blocked at the router. Example:

telnet 76.181.71.79 20028

This works from any host (doubtless including yours). From IP 64.129.23.95 I get:

$ telnet 76.181.71.79 20028
Trying 76.181.71.79...
Connected to 76.181.71.79.
Escape character is '^]'.
SSH-2.0-OpenSSH_5.0
^]
telnet> quit
Connection closed.

but from problem IP 96.11.168.98. I get:

$ telnet 76.181.71.79 20028
Trying 76.181.71.79...

forever ...

Whereas your test telnet worked just fine. Again, keep in mind, this all works fine with at least two other routers I just tested. What do you think?
0
 
LVL 3

Expert Comment

by:phoenix5ire
Comment Utility
*hmmm, interesting one. I did tried both of your IPs and was able to establish a telnet session w/o any problem on port 22. This verifies port 22 is open on your .98 host.

One quick thing to try is clear your arp cache from one of your host and try telnet again to the problematic host:
netsh interface ip delete arpcache

I'll do more brainstorming at the office in the morning.
0
 
LVL 3

Expert Comment

by:phoenix5ire
Comment Utility
It's apparent the Linksys E1200 is the problem and it looks like you've done some extensive testing already, here's what I would do: (one step at a time and test, so you can narrow the problem)
1) Check for a new firmware on the Linksys and apply as necessary - then test
2) Update driver on the NIC of problematic host (PC) - then test
3) Change out the NIC on the problematic host (PC) with one from your other machines that works and see if that makes any difference. -then test.

Hope this helps.
0
 
LVL 1

Author Comment

by:jmarkfoley
Comment Utility
> 1) Check for a new firmware on the Linksys and apply as necessary - then test

Actually, I would like to try the new firmware idea. I attempted this yesterday. Ufortunately, when I go to the Linksys site for downloading firmware: http://support.linksys.com/en-us/support/routers/E1200/download, all I can seem to download is a license agreement PDF no matter what I click on! If you want to try one more thing, see if you can find a link on that page that would actually let me download firmware.

Othere than the firmware possibility, I appreciate your excellent suggestions, but changing the card in the problematic host (Linux) ... and there isn't a specific new driver for that, is way too much work for a $50 router -- and does not have a high probability of working since all other computers and all other routers can get to it w/o problem.

If I could try the firmware idea, I would. Otherwise, this device goes back to the store today.
0
 
LVL 3

Expert Comment

by:phoenix5ire
Comment Utility
I got the firmware for you, see URL. It's the latest from Linksys:
Firmware
04/16/2013
Ver.2.0.05 (Build 2)

Attaches is also the Install instructions.
Router-Firmware-Upgrade-Instruct.pdf
0
6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

 
LVL 1

Accepted Solution

by:
jmarkfoley earned 0 total points
Comment Utility
phoenix5ire: Thanks for your efforts, but I finally figured out the problem, which is: I'M AN IDIOT!!!!

It turns out that the linksys could not connect to that IP because it was blocked by the remote host's firewall.

Why was it blocked by the firewall? I have a script running on the remote host that looks for attempted break-ins via port 22 or 25. After so many failed attempts, the script blocks the IP by adding it to the firewall block list.

Why did the Linksys' IP get blocked? Behind the LAN where the linksys is, I have a computer that polls various remote computers' port 25 or 80 to see if they are still running. If not, it sends me a text telling me the computer is down. So ... the "isAlive?" host sent messages every 10 minutes (with the router's) to the problematic host and, eventually, it got itself blocked.

Why didn't this happen with the old D-Link I replaced? Simple, I was smart enough (once upon a time) to exclude the D-Link's IP in the break-in-checker script. However, when I swapped in the Linksys, it negotiated a new public IP with the ISP, not the same as the D-Link's. When I put the D-Link back to check it renegotiated back to the old, excluded IP and things worked again. Hence it looked like the Linksys was the source of the troubles (which it was in a sense because it had new IP not excluded by the break-in program).

The simple solution was to put the new Linksys IP into the break-in script and exclude it from the list of possible attackers. Problem solved.

Since I am the author of both the break-in script and the is-Alive polling script, and since I knew enough to put the poller's IP into the break-in script once upon a time, why didn't I figure this out immediately? See first sentence about idiotness.

I'll leave this open a bit longer in case you want to berate me further, which I'd appreciate since I don't feel mere self-flaggelation is sufficient for this.

THX again.
0
 
LVL 3

Assisted Solution

by:phoenix5ire
phoenix5ire earned 500 total points
Comment Utility
Good catch. My first reaction was, your computer's firewall (the problematic host) is blocking it but you mentioned in your first post that the firewall is disabled so I didn't revisit that.

Some times when you've looked at a problem long enough, you can't think outside the box and it's always better to have another set of eyes to look from another angle. Glad to help but always rewarding to find your own mistakes. :)

Take care.
0
 
LVL 1

Author Comment

by:jmarkfoley
Comment Utility
I've requested that this question be closed as follows:

Accepted answer: 0 points for jmarkfoley's comment #a39233244
Assisted answer: 500 points for phoenix5ire's comment #a39242065

for the following reason:

I figured it out.
0
 
LVL 1

Author Comment

by:jmarkfoley
Comment Utility
I'll try re-closing the question.
0
 
LVL 1

Author Comment

by:jmarkfoley
Comment Utility
wrong button
0
 
LVL 1

Author Closing Comment

by:jmarkfoley
Comment Utility
I figured it out.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Suggested Solutions

I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now