Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230

 

 

 

Can SSH From Remote, Computer Can Not Ping Out

Linux Kernel, Network, and Services configuration.
Post Reply
Message
Author
lindylex
Posts: 123
Joined: 2007-05-23 12:50

Can SSH From Remote, Computer Can Not Ping Out

#1 Post by lindylex »

This has work since December of 2015. It is my VPN. Two weeks ago it stopped working. I am currently able to login to the computer using ssh from remotely but I can no longer ping external sources. It does not do an apt update, ping or receive VPN connection as it previously did. If I can resolve it gaining access to external resources via pinging or some other modality this should resolve my OpenVpn issues. This is my hypothesis.

Network Structure

[ Comcast Business Class Router WAN 28.82.XX.XXX port trigger 22 point to 10.1.10.9 IP it assigned to Linksys Router ]
>> [ Linksys Router IP 10.1.10.9 assigned from Comcast router | LAN 192.168.1.1 | port triger 22 to 192.168.1.120]
>> [ Switch ] >> [ Problem Computer LAN 192.168.1.120 ]

Debian Jessie

uname -a
Linux umdgcvpn 3.16.0-4-686-pae #1 SMP Debian 3.16.7-ckt11-1+deb8u6 (2015-11-09) i686 GNU/Linux


route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 br0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 br0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1


cat /etc/resolv.conf
nameserver 2603:301d:2300:7de0:cad7:19ff:fe0e:31b3

ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether 00:0d:60:6c:39:3e brd ff:ff:ff:ff:ff:ff
3: eth1: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br0 state UP group default qlen 1000
link/ether 00:1b:2f:31:99:46 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.120/24 brd 192.168.1.255 scope global eth1
valid_lft forever preferred_lft forever
inet6 2603:301d:2300:7de0:21b:2fff:fe31:9946/64 scope global mngtmpaddr dynamic
valid_lft 298441sec preferred_lft 298441sec
inet6 fe80::21b:2fff:fe31:9946/64 scope link
valid_lft forever preferred_lft forever
5: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 00:1b:2f:31:99:46 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.120/24 brd 192.168.1.255 scope global br0
valid_lft forever preferred_lft forever
inet6 2603:301d:2300:7de0:21b:2fff:fe31:9946/64 scope global mngtmpaddr dynamic
valid_lft 298393sec preferred_lft 298393sec
inet6 fe80::21b:2fff:fe31:9946/64 scope link
valid_lft forever preferred_lft forever
7: tap0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br0 state UNKNOWN group default qlen 100
link/ether 8e:c4:51:b8:a8:ec brd ff:ff:ff:ff:ff:ff
inet6 fe80::8cc4:51ff:feb8:a8ec/64 scope link
valid_lft forever preferred_lft forever


ping -c 3 google.com
ping: unknown host google.com


traceroute google.com
google.com: System error
Cannot handle "host" cmdline arg `google.com' on position 1 (argc 1)


wget http://www.google.com
--2018-12-20 15:06:10-- http://www.google.com/
Resolving http://www.google.com (http://www.google.com)... failed: Connection timed out.
wget: unable to resolve host address ‘www.google.com


ping -s 1600 google.com
ping: unknown host google.com


ping 192.168.1.1 -c 1 -s 1499 -M do
PING 192.168.1.1 (192.168.1.1) 1499(1527) bytes of data.
ping: local error: Message too long, mtu=1500

--- 192.168.1.1 ping statistics ---
1 packets transmitted, 0 received, +1 errors, 100% packet loss, time 0ms


ping 192.168.1.1 -c 1 -s 1480 -M do
PING 192.168.1.1 (192.168.1.1) 1480(1508) bytes of data.
ping: local error: Message too long, mtu=1500

--- 192.168.1.1 ping statistics ---
1 packets transmitted, 0 received, +1 errors, 100% packet loss, time 0ms


ping http://www.cisco.com -c 1 -s 1472 -M do
ping: unknown host http://www.cisco.com


ping http://www.cisco.com -c 1 -s 1464 -M do
ping: unknown host http://www.cisco.com
Top
User avatar
bw123
Posts: 4015
Joined: 2011-05-09 06:02
Has thanked: 1 time
Been thanked: 28 times

Re: Can SSH From Remote, Computer Can Not Ping Out

#2 Post by bw123 »

from man page for ping:
When using ping for fault isolation, it should first be run on the local host, to verify
that the local network interface is up and running. Then, hosts and gateways further and
further away should be ``pinged''.
so to test basic network you could just follow your description in reverse:
Comcast Business Class Router WAN 28.82.XX.XXX port trigger 22 point to 10.1.10.9 IP it assigned to Linksys Router ]
>> [ Linksys Router IP 10.1.10.9 assigned from Comcast router | LAN 192.168.1.1 | port triger 22 to 192.168.1.120]
>> [ Switch ] >> [ Problem Computer LAN 192.168.1.120 ]
can you ping 192.168.1.120, 192.168.1.1, 10.1.10.9, 28.82.XX.XXX, 8.8.8.8
if you can, then it's dns problem? Why do you only have ip6 dns anyway, is that assigned from dhcp? I don't use ip6 myself, so I don't quite understand the setup.

p.s. I don't think ping can accept http:// or other prefix it only wants names or numbers. I could be wrong, I'm on stretch, didn't see the -M flag either...

oh yeah, BTW if you edit your post and use code tags for all that output it will help other people read it, might get you quicker response.
resigned by AI ChatGPT
Top
lindylex
Posts: 123
Joined: 2007-05-23 12:50

Re: Can SSH From Remote, Computer Can Not Ping Out

#3 Post by lindylex »

[SOLVED SOLUTION ]

I changed my /etc/network/interfaces file to look like this. "eth1" is my main network card that has an ip and handles my internet requests. I rebooted the computer and it works.

To use this solution run the following commands.

# ip a

This will display the card with the ip address ex :

Code: Select all

3: eth1: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br0 state UP group default qlen 1000
    link/ether 00:1b:2f:31:99:46 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.120/24 brd 192.168.1.255 scope global eth1
       valid_lft forever preferred_lft forever
    inet6 fe80::21b:2fff:fe31:9946/64 scope link 
       valid_lft forever preferred_lft forever
This helped be know which card to modify in the /etc/network/interfaces file. Add this line "gateway 192.168.1.1" to match the router on your L.A.N. Local Area Network you are connected to. This will most likely do the nameserver resolution. You can also use "gateway 1.1.1.1" I am not sure how this works in relations to LAN traffic. Best of luck.

Not sure what your router IP is do the following.

# traceroute nis.nsf.net

Code: Select all

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo br0
iface lo inet loopback

# The primary network interface
allow-hotplug eth1
iface eth1 inet dhcp
gateway 192.168.1.1

# This is an autoconfigured IPv6 interface
iface eth1 inet6 auto


# Bridge setup
#iface br0 inet dhcp
#        bridge_ports eth1
Top
Post Reply

Return to “System and Network configuration”