This has work since December of 2015. It is my VPN. Two weeks ago it stopped working. I am currently able to login to the computer using ssh from remotely but I can no longer ping external sources. It does not do an apt update, ping or receive VPN connection as it previously did. If I can resolve it gaining access to external resources via pinging or some other modality this should resolve my OpenVpn issues. This is my hypothesis.
Network Structure
[ Comcast Business Class Router WAN 28.82.XX.XXX port trigger 22 point to 10.1.10.9 IP it assigned to Linksys Router ]
>> [ Linksys Router IP 10.1.10.9 assigned from Comcast router | LAN 192.168.1.1 | port triger 22 to 192.168.1.120]
>> [ Switch ] >> [ Problem Computer LAN 192.168.1.120 ]
Debian Jessie
uname -a
Linux umdgcvpn 3.16.0-4-686-pae #1 SMP Debian 3.16.7-ckt11-1+deb8u6 (2015-11-09) i686 GNU/Linux
route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 br0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 br0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
cat /etc/resolv.conf
nameserver 26032300:7de0:cad7fe0e:31b3
ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether 00:0d:60:6c:39:3e brd ff:ff:ff:ff:ff:ff
3: eth1: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br0 state UP group default qlen 1000
link/ether 00:1b:2f:31:99:46 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.120/24 brd 192.168.1.255 scope global eth1
valid_lft forever preferred_lft forever
inet6 26032300:7de0:21bfe31:9946/64 scope global mngtmpaddr dynamic
valid_lft 298441sec preferred_lft 298441sec
inet6 fe80::21bfe31:9946/64 scope link
valid_lft forever preferred_lft forever
5: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 00:1b:2f:31:99:46 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.120/24 brd 192.168.1.255 scope global br0
valid_lft forever preferred_lft forever
inet6 26032300:7de0:21bfe31:9946/64 scope global mngtmpaddr dynamic
valid_lft 298393sec preferred_lft 298393sec
inet6 fe80::21bfe31:9946/64 scope link
valid_lft forever preferred_lft forever
7: tap0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br0 state UNKNOWN group default qlen 100
link/ether 8e:c4:51:b8:a8:ec brd ff:ff:ff:ff:ff:ff
inet6 fe80::8cc4:51ff:feb8:a8ec/64 scope link
valid_lft forever preferred_lft forever
ping -c 3 google.com
ping: unknown host google.com
traceroute google.com
google.com: System error
Cannot handle "host" cmdline arg `google.com' on position 1 (argc 1)
wget http://www.google.com
--2018-12-20 15:06:10-- http://www.google.com/
Resolving http://www.google.com (http://www.google.com)... failed: Connection timed out.
wget: unable to resolve host address ‘www.google.com’
ping -s 1600 google.com
ping: unknown host google.com
ping 192.168.1.1 -c 1 -s 1499 -M do
PING 192.168.1.1 (192.168.1.1) 1499(1527) bytes of data.
ping: local error: Message too long, mtu=1500
--- 192.168.1.1 ping statistics ---
1 packets transmitted, 0 received, +1 errors, 100% packet loss, time 0ms
ping 192.168.1.1 -c 1 -s 1480 -M do
PING 192.168.1.1 (192.168.1.1) 1480(1508) bytes of data.
ping: local error: Message too long, mtu=1500
--- 192.168.1.1 ping statistics ---
1 packets transmitted, 0 received, +1 errors, 100% packet loss, time 0ms
ping http://www.cisco.com -c 1 -s 1472 -M do
ping: unknown host http://www.cisco.com
ping http://www.cisco.com -c 1 -s 1464 -M do
ping: unknown host http://www.cisco.com
Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230
Can SSH From Remote, Computer Can Not Ping Out
Re: Can SSH From Remote, Computer Can Not Ping Out
from man page for ping:
if you can, then it's dns problem? Why do you only have ip6 dns anyway, is that assigned from dhcp? I don't use ip6 myself, so I don't quite understand the setup.
p.s. I don't think ping can accept http:// or other prefix it only wants names or numbers. I could be wrong, I'm on stretch, didn't see the -M flag either...
oh yeah, BTW if you edit your post and use code tags for all that output it will help other people read it, might get you quicker response.
so to test basic network you could just follow your description in reverse:When using ping for fault isolation, it should first be run on the local host, to verify
that the local network interface is up and running. Then, hosts and gateways further and
further away should be ``pinged''.
can you ping 192.168.1.120, 192.168.1.1, 10.1.10.9, 28.82.XX.XXX, 8.8.8.8Comcast Business Class Router WAN 28.82.XX.XXX port trigger 22 point to 10.1.10.9 IP it assigned to Linksys Router ]
>> [ Linksys Router IP 10.1.10.9 assigned from Comcast router | LAN 192.168.1.1 | port triger 22 to 192.168.1.120]
>> [ Switch ] >> [ Problem Computer LAN 192.168.1.120 ]
if you can, then it's dns problem? Why do you only have ip6 dns anyway, is that assigned from dhcp? I don't use ip6 myself, so I don't quite understand the setup.
p.s. I don't think ping can accept http:// or other prefix it only wants names or numbers. I could be wrong, I'm on stretch, didn't see the -M flag either...
oh yeah, BTW if you edit your post and use code tags for all that output it will help other people read it, might get you quicker response.
resigned by AI ChatGPT
Re: Can SSH From Remote, Computer Can Not Ping Out
[SOLVED SOLUTION ]
I changed my /etc/network/interfaces file to look like this. "eth1" is my main network card that has an ip and handles my internet requests. I rebooted the computer and it works.
To use this solution run the following commands.
# ip a
This will display the card with the ip address ex :
This helped be know which card to modify in the /etc/network/interfaces file. Add this line "gateway 192.168.1.1" to match the router on your L.A.N. Local Area Network you are connected to. This will most likely do the nameserver resolution. You can also use "gateway 1.1.1.1" I am not sure how this works in relations to LAN traffic. Best of luck.
Not sure what your router IP is do the following.
# traceroute nis.nsf.net
I changed my /etc/network/interfaces file to look like this. "eth1" is my main network card that has an ip and handles my internet requests. I rebooted the computer and it works.
To use this solution run the following commands.
# ip a
This will display the card with the ip address ex :
Code: Select all
3: eth1: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br0 state UP group default qlen 1000
link/ether 00:1b:2f:31:99:46 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.120/24 brd 192.168.1.255 scope global eth1
valid_lft forever preferred_lft forever
inet6 fe80::21b:2fff:fe31:9946/64 scope link
valid_lft forever preferred_lft forever
Not sure what your router IP is do the following.
# traceroute nis.nsf.net
Code: Select all
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
source /etc/network/interfaces.d/*
# The loopback network interface
auto lo br0
iface lo inet loopback
# The primary network interface
allow-hotplug eth1
iface eth1 inet dhcp
gateway 192.168.1.1
# This is an autoconfigured IPv6 interface
iface eth1 inet6 auto
# Bridge setup
#iface br0 inet dhcp
# bridge_ports eth1