LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 03-20-2020, 11:12 AM   #1
slund
LQ Newbie
 
Registered: Mar 2020
Posts: 1

Rep: Reputation: Disabled
Question Forwarded wan ports work on LAN Windows machines but not on LAN Linux machines. Ubuntu 19.10


Hello all, and thanks for reading. I will try to keep this brief, but bear with me i will likely fail.

So my situation is, that i have a fairly simple LAN setup at home where a cable modem router is acting gateway (192.168.0.1) and nothing else. On the LAN side, my Synology NAS (192.168.0.10) is serving IP adresses via DHCP in the range (192.168.0.100 to 192.168.0.200) for local LAN clients. This is all working well. The gateway is forwaring port 80, 443 and 22 to the NAS which is also working well both for WAN and LAN access.

I have a few client systems on the LAN side, and they can all access the services on the NAS. Now, I also have a Ubuntu (19.10) server called mars (192.168.0.16) which i want to use for serving up my web page in stead of the NAS (why? - not important). Setting up the webserver on mars is done and access is fine through the IP address from within the LAN. However, swhitching the gateway port forwarding over to mars, causes some wierd behavior (Note; everything was honky-dory when ports were pointing to the NAS).

Now suddenly WAN access to the server only works when my client computer is:

1. on the lan and windows based; or
2. not on the lan.

I have grown several gray hairs trying to figure out why, and the only answer that seems to make some kind of sense is that it is probably NAT related causing LAN originated packages via WAN ports to be dropped. (and therefore something that happens in the gateway). If this is true - why does it work from windows machines?

My other theory is that it has to do with the network setup on the client linux machines i am using to test with. But i simply dont have enough knowledge about network configuration and services required on LANs to be able to figure this out.

I installed nmap to see what the ports look like from my linux hosts on the lan. This is mars looks like from my LAN based linux client:

Code:
Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-20 16:01 CET
Nmap scan report for 192.168.0.16
Host is up, received syn-ack (0.0045s latency).
Not shown: 993 filtered ports
Reason: 993 no-responses
PORT    STATE SERVICE    REASON
22/tcp  open  ssh        syn-ack
25/tcp  open  smtp       syn-ack
80/tcp  open  http       syn-ack
143/tcp open  imap       syn-ack
443/tcp open  https      syn-ack
587/tcp open  submission syn-ack
993/tcp open  imaps      syn-ack
... and when looking though the gateway (names and IPs mangled):

Code:
Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-20 16:02 CET
Nmap scan report for mysite.com (123.123.123.123)
Host is up, received user-set (0.0065s latency).
rDNS record for 123.123.123.123: my.isp's.name.for.my.host.com
Not shown: 997 closed ports
Reason: 997 conn-refused
PORT    STATE    SERVICE REASON
22/tcp  filtered ssh     no-response
80/tcp  filtered http    no-response
443/tcp filtered https   no-response

Nmap done: 1 IP address (1 host up) scanned in 1.29 seconds
So aside from the fact that the imap and smtp ports are not open on the gateway, why does my LAN based linux based clients see these ports as 'filtered' when my LAN based Windows clients can connect fine to the ports?

Please help
/SLund.
 
Old 03-21-2020, 02:47 AM   #2
ferrari
LQ Guru
 
Registered: Sep 2003
Location: Auckland, NZ
Distribution: openSUSE Leap
Posts: 5,136

Rep: Reputation: 980Reputation: 980Reputation: 980Reputation: 980Reputation: 980Reputation: 980Reputation: 980Reputation: 980
So your internet-connected Windows hosts can reach the mars host ok? Filtered means that a firewall, (or other networking issue) is blocking the port so that nmap cannot tell whether it is open or closed.
 
Old 03-21-2020, 02:54 AM   #3
ferrari
LQ Guru
 
Registered: Sep 2003
Location: Auckland, NZ
Distribution: openSUSE Leap
Posts: 5,136

Rep: Reputation: 980Reputation: 980Reputation: 980Reputation: 980Reputation: 980Reputation: 980Reputation: 980Reputation: 980
This thread may help with determining which device (between the Linux host and the mars server) may be causing the filtering
https://serverfault.com/questions/67...-communication
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Maintaining user accounts across several machines (not LAN/WAN) rjlee Linux - Software 1 02-20-2009 03:46 PM
vsftpd NAT, only 2 ports forwarded avallach Linux - Networking 4 02-07-2007 02:43 PM
Privileged ports can only be forwarded by root??? sovietpower Linux - Networking 1 03-10-2005 06:45 AM
FreeS/Wan Vs. OpenS/Wan Vs. StrongS/Wan bkankur Linux - Security 1 03-01-2005 10:27 AM
sendmail and forwarded ports question red.lego.man Linux - Security 1 08-02-2004 03:25 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 02:33 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration