|
Connect to ports Failed ?
1 Attachment(s)
Hi
i just installed several application via yum, such as vnc,xrdp and did opened the certain port needed by the application via iptables And to be honest im still learning how things working in linux so i don't have any clue why this happen :D, but basically i cant connect remotely to this port although it stated open and ready to receive connections here is what netstat print https://www.linuxquestions.org/quest...1&d=1514895706 Can any some one point me whats wrong? here is my command during instalation Code:
[root@server ~]# yum install xrdp tigervnc-serverCode:
iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport 3389 -j ACCEPT |
Why do you open tcp port 3389 while Xvnc is listening on tcp port 5801, 5901 & 6001 (as seen from your netstat output)?
edit Oh I see, you plan on using xrdp protocol over vnc :study: Did you check it's a firewall issue with flushing temporarly iptables rules? Maybe you need to start xrdp-sesman as well (not sure) |
Quote:
and yeah, i did that. also flushing the iptables just like you recommend, starting the service ( xrdp,sessman) but still i cant connect to all this port aside from ssh and apache like i mention above, im new to linux os so i dont have any clue what causing this but im suspecting its on firewall? |
No, if nothing is filtered, nothing prevents remote hosts to connect to servers at this level
I note from your netstat output that the programs you mention that work listen on IP v4 & v6 traffic while the programs that don't work only listen on IP v4 Do you connect to server using a IP v6 network? If yes, that would explain things. In this case just configure servers so they listen also on IP v6 |
Can you post the output of
Code:
$ iptables -LYou might also want NEW,RELATED,ESTABLISHED in the new rule. And, you might need a rule in the OUTPUT table as well. I'm not exactly sure how that works with just NEW but nothing else, but I think it might pass on all other traffic on the port, which might eventually be dropped or rejected. |
Quote:
yes, i believed i can do that..and really sorry for that Quote:
|
Any error on client side? Network configuration for client is ok?
When you connect via ssh, netstat from server shows client IP as IP v4 or IP v6? |
Quote:
Hi keefaz... Umm, what is the actual command for this? and sorry for late replying.. to be honest ,you made your point there regarding the ip V6 but i wasn't unsure from the client side, but i think there is no problem i do use ip v4 for my connection (sory cannot use code tags and using screenshot Instead) it using ipv4 right? and also im using my android Phone(which also failed to connect) , i believe most of Gsm Provider also using only ipv4 right? And for the active connection on the server ,heres is the result Code:
[root@rms ~]# netstat -natp |
You have multiple local networks? (172.16.2 and 192.168.100)
|
For the technical detail i haven't ask the server admin, but its possible
do you think that's the problem? |
Your posted image shows client configuration to connect on a network with address 192.168.100 while the server seems to be on network with address 172.16.2...
edit But I see DHCP enabled, so maybe these client addresses are just Windows default addresses (I don't know well Windows, sorry) Do you have telnet in Windows? If yes try open a dos terminal and: Code:
telnet 172.16.2.195 3389 |
Quote:
sorry if i make confusion Code:
[root@rms ~]# netstat -natpCode:
Microsoft Windows [Version 6.1.7601]Code:
[root@rms ~]# telnet 172.16.2.195 3389 |
Ah I didn't realize you want to connect from outside the local network...
How the external connections are routed to the server? With a router? If yes, is tcp port 3389 forwarded to the server in the router? |
Regarding Forwarded port, to be honest i have no idea :D
(from my isp line >> OpenWrt Luci default configuration >> Desktop or any device ). i just know it work i mean, it didn't have any problem connecting to other server aside this one This is really make me curious to find out whats is the culprit especially when you mention about 172.16 Code:
tcp 0 2040 172.16.2.195:22 202.167.44x.xxx:50764 ESTABLISHED 8000/sshd |
No,172.16.2.xxx is ip range reserved for local network
https://en.wikipedia.org/wiki/Private_network I think it could be a routing issue here (tcp port 3389 not routed to local server) |
| All times are GMT -5. The time now is 04:24 PM. |