LinuxQuestions.org
Old 10-07-2010, 10:33 PM   #1
Randvegeta
Member
 
Registered: Jun 2003
Location: Hong Kong
Distribution: Mandrake 9.1
Posts: 72

Rep: Reputation: 15
Unable to access SSH and DirectAdmin from 1 IP but all other OKAY.


I have a strange problem (at least strange to me).

I am running a 64bit CentOS 5 Server with DirectAdmin control panel. I have used the default settings when installing both DA and CentOS. I have not installed any extra firewalls or anything else (yet).

Everything is running perfectly fine. DirectAdmin has been installed and configured fine, and it all is running smoothly. Apart from 1 thing.

When trying to access the server from my office computer (and another, off-site, server), I am unable to access SSH or DA. I am sure there is no problem with my ISP, and no internal firewall blocking these ports. I am running multiple DirectAdmin servers and can access others just fine (SSH too for that matter). However, I am able to access HTTP on the server. So it seems to be JUST SSH and DA.

I am convinced the problem is that my server (the one I'm trying to connect to) has blocked access to SSH and DirectAdmin for my office and server IP. Just to be clear, these services are working from EVERY OTHER location I have tried.

I have checked for the DirectAdmin blocked IP list, and it does not exist (which means it's not blocked by DA). Even if it was on the list, that should not affect SSH. Finally, I have disabled iptables and this has not helped.

I am stuck for places to look. Any ideas?

Thanks in advance!
 
Old 10-08-2010, 04:42 AM   #2
Noway2
Senior Member
 
Registered: Jul 2007
Distribution: Gentoo
Posts: 2,125

Rep: Reputation: 781
By default SSH uses port 22 unless you have configured it differently. First see if there is an application listening on this port (use netstat) and that it isn't bound to just the localhost IP. The second thing you could try, if you suspect SSH is being blocked, is to try moving it to a non-standard port, like 10022.
 
Old 10-10-2010, 09:12 PM   #3
Randvegeta
Member
 
Registered: Jun 2003
Location: Hong Kong
Distribution: Mandrake 9.1
Posts: 72

Original Poster
Rep: Reputation: 15
Thanks for the response Noway2, however I think you may have misread what I said.

SSH is working fine from EVERY computer and every location OTHER than my office and second server. Meaning it is not the problem you described :S.

Thanks anyway.
 
Old 10-10-2010, 09:59 PM   #4
abefroman
Senior Member
 
Registered: Feb 2004
Location: lost+found
Distribution: CentOS
Posts: 1,430

Rep: Reputation: 55
Run
Code:
iptables -L
and
Code:
iptables -F
Then see if you can access it.

CentOS enabled a default firewall upon setup.

You can toggle it with
Code:
lokkit
 
Old 10-10-2010, 10:20 PM   #5
Randvegeta
Member
 
Registered: Jun 2003
Location: Hong Kong
Distribution: Mandrake 9.1
Posts: 72

Original Poster
Rep: Reputation: 15
As I've already mentioned, I have disabled IPTables. So... that's not it either.
 
Old 10-10-2010, 10:24 PM   #6
abefroman
Senior Member
 
Registered: Feb 2004
Location: lost+found
Distribution: CentOS
Posts: 1,430

Rep: Reputation: 55
Paste what iptables -L shows.

Does tcpdump show any traffic through to port 22?

Also run netstat -lntp and paste the output.
 
Old 10-10-2010, 10:37 PM   #7
Randvegeta
Member
 
Registered: Jun 2003
Location: Hong Kong
Distribution: Mandrake 9.1
Posts: 72

Original Poster
Rep: Reputation: 15
[root@fanling ~]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

==================================================================================================== =====================================================

[root@fanling ~]# netstat -lntp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:993 0.0.0.0:* LISTEN 2452/dovecot
tcp 0 0 0.0.0.0:995 0.0.0.0:* LISTEN 1695/pop3-login
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 2606/mysqld
tcp 0 0 0.0.0.0:587 0.0.0.0:* LISTEN 2679/exim
tcp 0 0 0.0.0.0:2222 0.0.0.0:* LISTEN 5571/directadmin
tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN 1695/pop3-login
tcp 0 0 0.0.0.0:686 0.0.0.0:* LISTEN 2200/rpc.statd
tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN 2452/dovecot
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 2171/portmap
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 5679/proftpd: (acce
tcp 0 0 202.64.188.60:53 0.0.0.0:* LISTEN 2964/named
tcp 0 0 202.64.188.59:53 0.0.0.0:* LISTEN 2964/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 2964/named
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 2506/cupsd
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 2964/named
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 2679/exim
tcp 0 0 :::80 :::* LISTEN 30259/httpd
tcp 0 0 :::22 :::* LISTEN 30305/sshd
tcp 0 0 :::443 :::* LISTEN 30259/httpd

==================================================================================================== =====================================================

When you say "Does tcpdump show any traffic through to port 22?", are you trying to determine if SSH connections can be established or if an SSH connection from my office can be established? If it is the former, then I can say YES they can because I am remotely logged into it now.
 
Old 10-10-2010, 10:50 PM   #8
abefroman
Senior Member
 
Registered: Feb 2004
Location: lost+found
Distribution: CentOS
Posts: 1,430

Rep: Reputation: 55
Yep, IPtables are definitely disabled.

This doesn't make any sense.

His office can access port 80 on that server, but not port 22
His office can access port 22 on other servers.
He can access port 22 on that server from other locations, just not his office.

The only thing I can think of is something at his office, or between his office and that server that is blocking port 22 to that IP.

Can you add a second IP to that server, and then see if your office can access it?
 
Old 10-10-2010, 10:53 PM   #9
Randvegeta
Member
 
Registered: Jun 2003
Location: Hong Kong
Distribution: Mandrake 9.1
Posts: 72

Original Poster
Rep: Reputation: 15
I hadn't thought of that! But I just gave it a try and no luck.

Just to be clear, my office can access other servers on port 22. The problem appears to happen JUST with this 1 server.

Thanks for the idea though!
 
Old 10-10-2010, 10:58 PM   #10
abefroman
Senior Member
 
Registered: Feb 2004
Location: lost+found
Distribution: CentOS
Posts: 1,430

Rep: Reputation: 55
Does it ask for a password or just say something like connection refused or time out, etc?

From the office try this:
Code:
telnet ip 22
and for comparison
Code:
telnet ip 21
 
Old 10-10-2010, 11:01 PM   #11
Randvegeta
Member
 
Registered: Jun 2003
Location: Hong Kong
Distribution: Mandrake 9.1
Posts: 72

Original Poster
Rep: Reputation: 15
The connection timed out. Same for doing telnet (on port 22). However, on port 21, I get ProFTPD responding!

Strange I know!
 
Old 10-10-2010, 11:06 PM   #12
abefroman
Senior Member
 
Registered: Feb 2004
Location: lost+found
Distribution: CentOS
Posts: 1,430

Rep: Reputation: 55
It must be your ISP blocking connections on port 22 to that subnet. I know you said they are having no problems, but they may be intentionally blocking it for some reason.

The only other thing is if the datacenter (hosting provider) is blocking connections to port 22 from your office's IP, at like their core router.

It could be a router in between too, but for the most part those don't do random IP blocking.

Try contacting your ISP and datacenter and see what they have to say.
 
Old 10-10-2010, 11:11 PM   #13
Randvegeta
Member
 
Registered: Jun 2003
Location: Hong Kong
Distribution: Mandrake 9.1
Posts: 72

Original Poster
Rep: Reputation: 15
That's brilliant!

I've done a quick check to see if other servers on the same subnet are accessible, and they aren't. I think this is a pretty clear indicator that my ISP (on the server side) is blocking certain connections from my office IP.

Abefroman! You are a genius! I'll contact my ISP right away and let you know of my progress.

Thanks!
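
Added example (not part of the thread, and not any poster's code): the telnet comparison from posts #10 to #12 as a script that separates a timed-out connect from a refused one and then applies the thread's reasoning. The names `probe`, `diagnose`, `OFFICE` and `ELSEWHERE` are made up for this illustration, and the sample results are constructed from what the posters reported.

```python
import errno
import socket
import sys

def probe(host, port, timeout=5.0):
    """One TCP connect attempt: 'open', 'refused', 'timeout' or 'error:<ERRNO>'."""
    try:
        socket.create_connection((host, port), timeout=timeout).close()
        return "open"
    except socket.timeout:
        return "timeout"        # no reply at all: the packets are being dropped
    except ConnectionRefusedError:
        return "refused"        # host reachable, port closed or actively rejected
    except OSError as exc:
        return "error:" + errno.errorcode.get(exc.errno, str(exc.errno))

def diagnose(affected, control, port):
    """affected/control map port -> state, seen from the failing and a working site."""
    state = affected.get(port)
    if state == "open":
        return "port %d is reachable from the affected site" % port
    if control.get(port) != "open":
        return "port %d fails everywhere: check the listener and host firewall" % port
    others_ok = any(s == "open" for p, s in affected.items() if p != port)
    if state == "refused":
        return "port %d is actively rejected for this source only" % port
    if state == "timeout" and others_ok:
        return "packets to port %d are dropped for this source: filter on host or path" % port
    if state == "timeout":
        return "nothing is reachable from this source: routing or a full IP block"
    return "inconclusive: " + str(state)

# Constructed from the results reported in the thread (not captured output).
OFFICE = {21: "open", 22: "timeout", 80: "open"}
ELSEWHERE = {22: "open"}

if __name__ == "__main__":
    if len(sys.argv) > 1:       # live run from the affected site: script.py HOST
        OFFICE = {p: probe(sys.argv[1], p) for p in (21, 22, 80)}
    print(OFFICE)
    print(diagnose(OFFICE, ELSEWHERE, 22))
```

With the host firewall already ruled out by the empty `iptables -L` output in post #7, the "dropped for this source" result leaves only a filter between the office and the server.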
 
  


All times are GMT -5. The time now is 01:43 PM.
