LinuxQuestions.org
Old 09-30-2004, 03:41 AM   #1
keraj37
LQ Newbie
 
Registered: Sep 2004
Location: Poland
Distribution: Aurox
Posts: 4

Rep: Reputation: 0
icmp 68: host anos unreachable - admin prohibited


Hello, to start, I'm sorry for my English :>


I connected 2 comps (anos and anos2, both on Aurox Linux (10.0 and 9.3)) directly, interface eth0 (192.168.0.1) <--> eth0 (192.168.0.2), with a crossover RJ-45 cable.
The route table is set well. Pinging anos2 from anos and anos from anos2 says everything is OK.
But when I'm trying to use some service (telnet) etc. it says "no route to host" ???
And the comp which is the server sends an ICMP msg: "icmp 68: host anos unreachable - admin prohibited"

Here is some info:

[root@anos root]# tcpdump -ext -c2 >>
00:05:5d:a2:a6:c7 > 00:a0:c9:72:30:c2, ethertype IPv4 (0x0800), length 74: IP anos2.1032 > anos.telnet: S 1647477230:1647477230(0) win 5840 <mss 1460,sackOK,timestamp 70521 0,nop,wscale 0>
0x0000: 4510 003c 9297 4000 4006 26c1 c0a8 0002 E..<..@.@.&.....etc

00:a0:c9:72:30:c2 > 00:05:5d:a2:a6:c7, ethertype IPv4 (0x0800), length 102: IP anos > anos2: icmp 68: host anos unreachable - admin prohibited
0x0000: 45d0 0058 7509 0000 ff01 c477 c0a8 0001 E..Xu......w.... etc

[root@anos root]# route >>
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.0.0     *               255.255.255.0   U     0      0        0 eth0
169.254.0.0     *               255.255.0.0     U     0      0        0 eth0
127.0.0.0       *               255.0.0.0       U     0      0        0 lo
default         192.168.0.254   0.0.0.0         UG    0      0        0 eth0

How do I "fix it" in order to make a telnet (etc.) session? I have no idea what to do. I'm a newbie.
 
Old 09-30-2004, 06:53 AM   #2
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 13,163
Blog Entries: 1

Rep: Reputation: 2032
Quote:
But when I'm trying to use some service (telnet) etc. it says "no route to host"
Perhaps you need to define one box (anos) as a gateway, because the default shown by route is the broadcast address of your network.
 
Old 09-30-2004, 07:46 AM   #3
keraj37
LQ Newbie
 
Registered: Sep 2004
Location: Poland
Distribution: Aurox
Posts: 4

Original Poster
Rep: Reputation: 0
I'll try, but it should route any 192.168.0.x addresses to eth0, and there is no need for adding a default route.

Thanks for the tip
 
Old 09-30-2004, 11:31 AM   #4
keraj37
LQ Newbie
 
Registered: Sep 2004
Location: Poland
Distribution: Aurox
Posts: 4

Original Poster
Rep: Reputation: 0
I don't usually talk to myself... but the solution is simple:
I had the firewall enabled without any allows

It is fixed.
 
Old 09-24-2008, 10:06 AM   #5
DotHQ
Member
 
Registered: Mar 2006
Location: Ohio, USA
Distribution: Red Hat, Fedora, Knoppix,
Posts: 548

Rep: Reputation: 33
Quote:
Originally Posted by keraj37 View Post
I don't usually talk to myself... but the solution is simple:
I had the firewall enabled without any allows

It is fixed.
Old thread, but when I did a Google search this is the thread that showed up, which was similar to my problem... and just like you, the firewall was the issue. All fixed and good to go.
Thanks for answering your own question keraj37. It helped me out today.
 
Old 04-26-2012, 05:11 PM   #6
ActiveVideoOps
LQ Newbie
 
Registered: Apr 2012
Posts: 1

Rep: Reputation: Disabled
Quote:
Originally Posted by DotHQ View Post
Old thread, but when I did a Google search this is the thread that showed up, which was similar to my problem... and just like you, the firewall was the issue. All fixed and good to go.
Thanks for answering your own question keraj37. It helped me out today.
Old Thread but still useful to someone about every 4 years it seems as I just ran into this problem today and indeed it was the firewall! Thanks again for answering your own question 8 years ago!

Last edited by ActiveVideoOps; 04-26-2012 at 09:09 PM.
 
Old 09-22-2014, 04:15 PM   #7
keshavsp
LQ Newbie
 
Registered: Sep 2013
Posts: 4

Rep: Reputation: Disabled
I had the same issue - During TCP handshake the client would send a 'Destination Unreachable - Communication with Destination Host is Administratively Prohibited' (ICMP Type 3 Code 10) message. The handshake would complete but because of the ICMP message, server would send a reset (RST) without the actual application-level (HTTP, in my case) transaction taking place.

I had to add the following rule on the client to drop such ICMP packets:

Code:
iptables -A OUTPUT -p icmp -s <client IP> --icmp-type 3/10 -j DROP
From then on, the client and server were able to transact over application layer without any issues.
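
Added example (not code from any poster in this thread): a parser for a captured ICMP destination-unreachable packet that reports whether its code is one of the administratively-prohibited codes (9, 10, 13), meaning a filter rather than the routing table produced it, and which quoted connection triggered it. The sample packet is constructed from the addresses and ports in the first post's tcpdump output, with checksums left at zero; the function names are hypothetical.

```python
import socket
import struct

# ICMP type 3 (destination unreachable) codes that mean a filter, not a
# routing failure, produced the error (RFC 1122 / RFC 1812 numbering).
ADMIN_PROHIBITED = {
    9: "network administratively prohibited",
    10: "host administratively prohibited",
    13: "communication administratively prohibited",
}

def parse_unreachable(packet: bytes):
    """Decode an ICMP destination-unreachable packet; None if it is not one."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None
    ihl = (packet[0] & 0x0F) * 4
    if packet[9] != 1 or len(packet) < ihl + 8:      # protocol 1 = ICMP
        return None
    icmp_type, code = packet[ihl], packet[ihl + 1]
    if icmp_type != 3:
        return None
    inner = packet[ihl + 8:]                          # quoted original datagram
    if len(inner) < 20:
        return None
    inner_ihl = (inner[0] & 0x0F) * 4
    result = {
        "reporter": socket.inet_ntoa(packet[12:16]),
        "code": code,
        "firewall": code in ADMIN_PROHIBITED,
        "reason": ADMIN_PROHIBITED.get(code, "not a filter code"),
        "proto": inner[9],
        "src": socket.inet_ntoa(inner[12:16]),
        "dst": socket.inet_ntoa(inner[16:20]),
    }
    # TCP (6) and UDP (17) both start with source and destination port.
    if inner[9] in (6, 17) and len(inner) >= inner_ihl + 4:
        result["sport"], result["dport"] = struct.unpack_from("!HH", inner, inner_ihl)
    return result

def build_sample(code: int) -> bytes:
    """Constructed sample: anos rejects a SYN from anos2:1032 to port 23."""
    a, b = socket.inet_aton("192.168.0.1"), socket.inet_aton("192.168.0.2")
    inner = struct.pack("!BBHHHBBH4s4s", 0x45, 0x10, 60, 0, 0x4000, 64, 6, 0, b, a)
    inner += struct.pack("!HHI", 1032, 23, 1647477230)   # ports + sequence number
    icmp = struct.pack("!BBHI", 3, code, 0, 0) + inner   # checksums left as 0
    outer = struct.pack("!BBHHHBBH4s4s", 0x45, 0xD0, 20 + len(icmp), 0, 0, 255, 1, 0, a, b)
    return outer + icmp
```

Calling `parse_unreachable(build_sample(10))` identifies 192.168.0.1 as the reporter and the rejected flow as 192.168.0.2:1032 to 192.168.0.1:23, which points at the packet filter on the reporting host.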
 