Hello, I am about to pull the last hear on my head. I had this web server working perfectly the suddenly it stopped working. I can ping my domain, can access the websites from inside the network, but can no longer connect to the server via ssh, or http from outside the LAN.
What I have done:
1. verified that firewall is not blocking my IP address, whitelisted my IP address.
2. verified that the ports 22 and 80 are open and forwarded to my webserver.
3. verified that the router firewall is not blocking my IP address.
I am stumped. Any suggestions where I should go from here?
cannot connect to my webserver from outside the network
Re: cannot connect to my webserver from outside the network
See where (along the network "path") it fails.
Start at the first hop you have and proceed from there.
Start at the first hop you have and proceed from there.
Re: cannot connect to my webserver from outside the network
Tracert goes all the way to the modem for sure as there is not break. Default website (colo.temple-baptist.com) works from within the LAN , and connecting to the server with it's LAN IP address (10.1.4.30) works. None of the websites that are (and used to work) in sites-available can connect using their URL work, nor can I connect to colo.temple-baptist.com from outside the lan. It must be some where between the modem and the box (i.e. router) but I have checked and double checked all the things I can think of on the router (firewall, ports, port-forwarding, etc.).
I have checked to be sure the OS (centos7) firewall is not blocking port 80, and port 22. I turned off firewalld just to make sure.
I have checked to be sure the OS (centos7) firewall is not blocking port 80, and port 22. I turned off firewalld just to make sure.
-
- Posts: 21
- Joined: 2015/06/14 02:06:32
Re: cannot connect to my webserver from outside the network
How are you hosting this?
It's not on a residential internet plan, is it? The one thing that comes to mind, provided all settings are right and it only just started, is that your ISP could have blocked Port 80 on you..... what happens if you try to connect to the SSH?
It's not on a residential internet plan, is it? The one thing that comes to mind, provided all settings are right and it only just started, is that your ISP could have blocked Port 80 on you..... what happens if you try to connect to the SSH?
Re: cannot connect to my webserver from outside the network
Comcast Business Class internet at my church office. Cannot connect with ssh port-22 from outside but can from inside the LAN.
Another thing that began recently also is that when I connect from within the LAN it takes about 30+ seconds to get the ssh login prompt. After I log in commands are quick just as expected.
I tried rebooting the last time I was physically onsite but it didn't help.
Another thing that began recently also is that when I connect from within the LAN it takes about 30+ seconds to get the ssh login prompt. After I log in commands are quick just as expected.
I tried rebooting the last time I was physically onsite but it didn't help.
-
- Posts: 2019
- Joined: 2015/02/17 15:14:33
- Location: Bulgaria
- Contact:
Re: cannot connect to my webserver from outside the network
You could always check what's going on by a trace.
Add a file in the root folder of your web server "/var/www/html" by default.
Do a "at <some time> " and then enter "tcpdump port 80 -i <interface to internet> -w <filename>.pcap -G <time to record in seconds>" and Ctrl+D on the server.
At the time set on "at" command - try "wget -t <retry number> --retry-connrefused <ip of website>/<name of file> " and later obtain the trace file.
By the way check tcp.wrappers ( /etc/hosts.allow and /etc/hosts.deny). Check if selinux is the issue by setting it in permissive mode (setenforce 0).
If you find out the issue - write it in your thread for latter reference.
Best Regards,
Strahil Nikolov
Add a file in the root folder of your web server "/var/www/html" by default.
Do a "at <some time> " and then enter "tcpdump port 80 -i <interface to internet> -w <filename>.pcap -G <time to record in seconds>" and Ctrl+D on the server.
At the time set on "at" command - try "wget -t <retry number> --retry-connrefused <ip of website>/<name of file> " and later obtain the trace file.
By the way check tcp.wrappers ( /etc/hosts.allow and /etc/hosts.deny). Check if selinux is the issue by setting it in permissive mode (setenforce 0).
If you find out the issue - write it in your thread for latter reference.
Best Regards,
Strahil Nikolov
Re: cannot connect to my webserver from outside the network
Whoa, I didn't realize I never responded. This problem was eventually solved by properly forwarding ports from the Comcast Business Modem to the router handling the local network. Now I am having a different problem posted:HERE