LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
LinkBack Search this Thread
Old 02-07-2013, 09:15 PM   #1
shaifulsafar
LQ Newbie
 
Registered: Oct 2008
Posts: 8

Rep: Reputation: 0
Network Configuration on RHEL 6.2 Santiago - Need an advice


Hi,

Have a nice day :-).

I just get new Dell PowerEdge R720 come with RHEL Server 6.2. This server come with Network Daugther Card (NDC) 4 ports.

I was configured the network configuration with IP below:

IP : 172.18.64.3
Nmask : 255.255.252.0
Gateway : 172.18.64.1

The network cable for this server was connected via eth1 port to network switch.

The problem I'm facing is:

1. I can ping to other pc or workstation in the same network (LAN) but the other pc/workstation can't ping, ssh, ftp and http access to the server.

Here is few method I had done :
1. Disable / Enable RHEL Firewall. Didn't work.
2. Disable / Enable Selinux. Didn't work also.
3. Checking on ipv4.config configuration at /etc/sysctl.conf. all set as 0.
4. Set the same IP on my notebook installed with apache server, and plug in the same network cable to my netbook. both way can ping. netbook can ping pc, and pc can ping and access apache server (http).
5. Set IP in notebook with the same network range as server, connect the notebook to server via cross network cable. both way can ping and http access.
6. use ifup and ifdown command at /etc/sysconfig/network-scripts/... still didn't work.

I need help from experts here to resolve this problem. Before I post this topic, I was do searching in google and this forum, but did not see any related or same with this problem.

Thank you.

Shaiful.
Kuala Lumpur, Malaysia.
 
Old 02-08-2013, 01:27 AM   #2
nini09
Member
 
Registered: Apr 2009
Posts: 916

Rep: Reputation: 67
You should check your route table on the server.
 
Old 02-08-2013, 02:17 AM   #3
shaifulsafar
LQ Newbie
 
Registered: Oct 2008
Posts: 8

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by nini09 View Post
You should check your route table on the server.
172.18.64.0 0.0.0.0 255.255.252.0 U 0 0 0 eth1
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1
0.0.0.0 172.18.64.1 0.0.0.0 UG 0 0 0 lo

this is my routing table now.

Last edited by shaifulsafar; 02-08-2013 at 02:18 AM.
 
Old 02-08-2013, 06:43 AM   #4
fortran
Member
 
Registered: Nov 2011
Location: Cairo, Egypt
Distribution: CentOS, RHEL, Fedora
Posts: 265
Blog Entries: 2

Rep: Reputation: 48
Whatever you are trying, just disable SElinux first. Don't enable it.
Don't disable firewall. It is for your server's safety.

When you try to connect your server using ssh, does it give following error?
ssh: connect to host localhost port 22: Connection refused

Have you opened port 21,22 & 80 in firewall configuration of your server?

Can you connect your system from server using ssh?
# ssh yoursystem'sIP

Send text of /etc/sysconfig/iptables

Last edited by fortran; 02-08-2013 at 06:46 AM.
 
Old 02-08-2013, 09:29 AM   #5
shaifulsafar
LQ Newbie
 
Registered: Oct 2008
Posts: 8

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by pavi_kanetkar View Post
Whatever you are trying, just disable SElinux first. Don't enable it.
Don't disable firewall. It is for your server's safety.

When you try to connect your server using ssh, does it give following error?
ssh: connect to host localhost port 22: Connection refused

Have you opened port 21,22 & 80 in firewall configuration of your server?

Can you connect your system from server using ssh?
# ssh yoursystem'sIP

Send text of /etc/sysconfig/iptables
[root@metweb2 sysconfig]# vi iptables
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type echo-request -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type echo-reply -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 53 -j ACCEPT
-A INPUT -m state --state NEW -m udp -p udp --dport 53 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
#-A INPUT -j REJECT --reject-with icmp-host-prohibited
#-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

Last edited by shaifulsafar; 02-13-2013 at 12:22 AM.
 
Old 02-11-2013, 02:25 PM   #6
nini09
Member
 
Registered: Apr 2009
Posts: 916

Rep: Reputation: 67
1. I can ping to other pc or workstation in the same network (LAN) but the other pc/workstation can't ping, ssh, ftp and http access to the server.

What's IP address of other PC or workstation?
The route table is very weird. First, two routes against same interface, eth1, even if same metric. Second, default route points to loopback interface.
 
Old 02-12-2013, 07:59 PM   #7
shaifulsafar
LQ Newbie
 
Registered: Oct 2008
Posts: 8

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by nini09 View Post
1. I can ping to other pc or workstation in the same network (LAN) but the other pc/workstation can't ping, ssh, ftp and http access to the server.

What's IP address of other PC or workstation?
The route table is very weird. First, two routes against same interface, eth1, even if same metric. Second, default route points to loopback interface.
I was test ping from other server with IP 172.18.64.5 and same gateway.
 
Old 02-13-2013, 12:23 AM   #8
shaifulsafar
LQ Newbie
 
Registered: Oct 2008
Posts: 8

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by pavi_kanetkar View Post
Whatever you are trying, just disable SElinux first. Don't enable it.
Don't disable firewall. It is for your server's safety.

When you try to connect your server using ssh, does it give following error?
ssh: connect to host localhost port 22: Connection refused

Have you opened port 21,22 & 80 in firewall configuration of your server?

Can you connect your system from server using ssh?
# ssh yoursystem'sIP

Send text of /etc/sysconfig/iptables
[root@metweb2 sysconfig]# service iptables status
Table: filter
Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
2 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0
3 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8
4 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 0
5 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
6 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:53
7 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:53
8 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:21
9 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:443
10 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
11 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80

Chain FORWARD (policy ACCEPT)
num target prot opt source destination

Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
 
Old 02-13-2013, 02:01 AM   #9
fortran
Member
 
Registered: Nov 2011
Location: Cairo, Egypt
Distribution: CentOS, RHEL, Fedora
Posts: 265
Blog Entries: 2

Rep: Reputation: 48
Paste output of following commands.

When you try to connect server using your system
$ ssh Ip-of-the-server

when you try to connect your system using server
$ ssh IP-of-your-system
 
Old 02-13-2013, 02:48 PM   #10
nini09
Member
 
Registered: Apr 2009
Posts: 916

Rep: Reputation: 67
Ping from other PC to server and sniffer on all interface on server. Check ping response whether is droped or sent to wrong interface.
 
Old 02-13-2013, 10:20 PM   #11
shaifulsafar
LQ Newbie
 
Registered: Oct 2008
Posts: 8

Original Poster
Rep: Reputation: 0
Thank you for your response nini and pavi,

The problem has been resolve yesterday. I was back to the basic configuration of the network using command line.

1. I was disable the default gateway which is the status is lo/loop back.
Code:
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
172.18.64.0     0.0.0.0         255.255.252.0   U         0 0          0 eth1
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 eth1
0.0.0.0         172.18.64.1     0.0.0.0         UG        0 0          0 lo
2. Then I add route default gateway to 172.18.64.1.
Code:
[root@metweb2 network-scripts]# netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
172.18.64.0     0.0.0.0         255.255.252.0   U         0 0          0 eth1
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 eth1
0.0.0.0         172.18.64.1     0.0.0.0         UG        0 0          0 eth1

It works. Then now I can continue to configuring firewall rules to allow functions on this server e.g ssh, telnet, http, ftp etc.

Anyway, Thank you so much for all friends here. Your advice, help and response are much appreciated.

Last edited by shaifulsafar; 02-13-2013 at 11:07 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] Rhel 6.0 santiago passwd no affected in single user mode adol83 Linux - Newbie 3 11-12-2012 10:01 AM
Non root user cannot login - RHEL 6.0 ( Santiago) saraswathi55 Red Hat 2 12-14-2011 06:47 PM
Manual RHEL 6 Network configuration linuxunix Linux - Newbie 6 03-15-2011 08:10 PM
[SOLVED] Please advice on network configuration for Linux kapz Linux - Networking 10 04-11-2010 03:27 AM
need advice laptop network and wireless configuration Nurdin Debian 1 01-22-2005 04:57 AM


All times are GMT -5. The time now is 04:03 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration