cannot connect to my webserver from outside the network

General support questions
Post Reply
doulos
Posts: 38
Joined: 2015/11/07 17:55:32

cannot connect to my webserver from outside the network

Post by doulos » 2015/12/28 19:13:23

Hello, I am about to pull the last hear on my head. I had this web server working perfectly the suddenly it stopped working. I can ping my domain, can access the websites from inside the network, but can no longer connect to the server via ssh, or http from outside the LAN.

What I have done:
1. verified that firewall is not blocking my IP address, whitelisted my IP address.
2. verified that the ports 22 and 80 are open and forwarded to my webserver.
3. verified that the router firewall is not blocking my IP address.

I am stumped. Any suggestions where I should go from here?

aks
Posts: 3073
Joined: 2014/09/20 11:22:14

Re: cannot connect to my webserver from outside the network

Post by aks » 2015/12/28 23:04:07

See where (along the network "path") it fails.
Start at the first hop you have and proceed from there.

doulos
Posts: 38
Joined: 2015/11/07 17:55:32

Re: cannot connect to my webserver from outside the network

Post by doulos » 2015/12/29 01:30:51

Tracert goes all the way to the modem for sure as there is not break. Default website (colo.temple-baptist.com) works from within the LAN , and connecting to the server with it's LAN IP address (10.1.4.30) works. None of the websites that are (and used to work) in sites-available can connect using their URL work, nor can I connect to colo.temple-baptist.com from outside the lan. It must be some where between the modem and the box (i.e. router) but I have checked and double checked all the things I can think of on the router (firewall, ports, port-forwarding, etc.).


I have checked to be sure the OS (centos7) firewall is not blocking port 80, and port 22. I turned off firewalld just to make sure.

keith.sieman
Posts: 21
Joined: 2015/06/14 02:06:32

Re: cannot connect to my webserver from outside the network

Post by keith.sieman » 2015/12/29 04:40:04

How are you hosting this?

It's not on a residential internet plan, is it? The one thing that comes to mind, provided all settings are right and it only just started, is that your ISP could have blocked Port 80 on you..... what happens if you try to connect to the SSH?

doulos
Posts: 38
Joined: 2015/11/07 17:55:32

Re: cannot connect to my webserver from outside the network

Post by doulos » 2015/12/29 22:21:40

Comcast Business Class internet at my church office. Cannot connect with ssh port-22 from outside but can from inside the LAN.

Another thing that began recently also is that when I connect from within the LAN it takes about 30+ seconds to get the ssh login prompt. After I log in commands are quick just as expected.

I tried rebooting the last time I was physically onsite but it didn't help.

hunter86_bg
Posts: 2019
Joined: 2015/02/17 15:14:33
Location: Bulgaria
Contact:

Re: cannot connect to my webserver from outside the network

Post by hunter86_bg » 2015/12/30 13:56:21

You could always check what's going on by a trace.
Add a file in the root folder of your web server "/var/www/html" by default.
Do a "at <some time> " and then enter "tcpdump port 80 -i <interface to internet> -w <filename>.pcap -G <time to record in seconds>" and Ctrl+D on the server.
At the time set on "at" command - try "wget -t <retry number> --retry-connrefused <ip of website>/<name of file> " and later obtain the trace file.
By the way check tcp.wrappers ( /etc/hosts.allow and /etc/hosts.deny). Check if selinux is the issue by setting it in permissive mode (setenforce 0).
If you find out the issue - write it in your thread for latter reference.

Best Regards,
Strahil Nikolov

doulos
Posts: 38
Joined: 2015/11/07 17:55:32

Re: cannot connect to my webserver from outside the network

Post by doulos » 2018/01/15 01:34:24

Whoa, I didn't realize I never responded. This problem was eventually solved by properly forwarding ports from the Comcast Business Modem to the router handling the local network. Now I am having a different problem posted:HERE

Post Reply