Not able to ssh from outside network and after ssh my server internet connection is getting lost

Latest response

Hello Team,

I've installed RHEL7.2 64 bit with Minimum Setting option at my server HP Proliant DL20 Gen 9 Intel and have public address and a virtual internal network.

I've done port forwarded to my server internal private IP Address to public address so that i can ssh from outside.

After fresh installation i've setup internet connection at very begnnning at the time of installation & after installation i was able to ping google.com on console and was able to ssh internally, but as soon as i try to ssh from outside network my internet connection is getting lost and even after rebooting and restarting network service i tried ping google.com its says unable to resolve host.

So after looking many link for solution at web and ended up in reinstalled my Operating system and tried ping google.com surprisingly it was working and tried again ssh internally and after that ping google.com it was working, but as soon as i tried ssh from outside network the internet connection got lost.

NOTE : Early i was using RHEL6 and there was no problem even after ssh from outside network it was working just fine and the reason the switch from RHEL6 to RHEL7 is docker have support for RHEL7 and above.

I've a strong feeling that something is getting updated in network script or somewhere else at my server machine.

I'm lost here, can you please help me, need assistance.

Appericate your help.

Thank You.

Regards,
Amit

VJ
Log in to join the conversation

Responses

SW Red Hat Guru 4022 points
23 July 2018 7:39 AM

Hello

is the service running and enabled to start at system start:

~]$ systemctl status sshd
● sshd.service - OpenSSH server daemon
   Loaded: loaded (/usr/lib/systemd/system/sshd.service; disabled; vendor preset: disabled)

that is the response from my system, not what you want to see. If you see that, then you need to start it and also enable it to start at next system start.

See the Configuring OpenSSH chapter in the System Administrator's Guide.

SW Red Hat Guru 4022 points
23 July 2018 7:42 AM

BTW, you might find this discussion helpful Ways to check for open ports on RHEL

VJ Community Member 65 points
23 July 2018 8:08 AM

Yes Stephen, The sshd service is running already i can ssh from my internal network but now i'm not able to access internet on the server machine after trying ssh from outside network.

SM Guru 3731 points
23 July 2018 8:42 AM

Have you checked the firewall configuration?. You may flush firewall rules and check if this could be done. Check if you could reach the system by doing a ping from out side, if this works then your routing from outside to your internal network is good. Please remember to take reload firewall rules if you've flushed off before (firewall-cmd --reload).

VJ Community Member 65 points
23 July 2018 9:03 AM

Hello,

Thanks for your feedback, appericate your help.

I've haven't touch or add any rules to firewall yet its an fresh installation with default setting for firewall.

VJ Community Member 65 points
23 July 2018 9:13 AM

NOTE : this ssh is working internally mean devices which are in Local area network they can ssh server but from outside you can't as the internet connection is lost and i can't ping to google.com or any other website anymore.

So i don't know what had gone wrong i haven't touch/modifed any of the setting as its an fresh installation.

SM Guru 3731 points
23 July 2018 9:34 AM

Ok, by default ssh is allowed in firewall and default zone would be set to 'public'.

VJ Community Member 65 points
23 July 2018 9:40 AM

how to set the default zone to public ?

VJ Community Member 65 points
23 July 2018 9:49 AM

i have disbled the by firewall systemctl stop firewalld

still i tried ping google.com it told 2 min and after that host not found error

MS Active Contributor Community Member 357 points
23 July 2018 8:48 AM

Hi Vishal

can you please share the output from

ip addr ip r s cat /etc/sysconfig/network-scripts/ifcfg-$interface-name-from-ip-addr

Thansk Sadiq

VJ Community Member 65 points
23 July 2018 9:04 AM

Ya please give me a moment i will add the command and share that

VJ Community Member 65 points
23 July 2018 9:42 AM

Thanks for your help,

but its given error as ip is unknown command, try ip addr help

SM Guru 3731 points
23 July 2018 10:08 AM

Vishal,

I guess these are the command outputs that Mohammed was asking:

#ip a
#ip route
#cat /etc/sysconfig/network-scripts/ifcfg-*
MS Active Contributor Community Member 357 points
23 July 2018 10:17 AM

Are you usning this Node as a Bastion ?

VJ Community Member 65 points
23 July 2018 10:25 AM

I don't know how to setup ssh as Bastion host

ip a -> Output

eno1 : <Broadcast,UP,LOWER_UP> mtu 65536 qdisc noqueue status UP qlen 1000 link/ether XX:XX:XX:XX:XX:XX inter 10.13.225.66/28 brd 10.13.225.79 scope global eno1 valid_lft forever preferred_lft forever inet6 XXXX:XXXX:XXXX:XXXX:XXXX:XXXX/64 scope link valid_lft forever preferred_lft forever

ip route -> Output default via 10.13.225.65 dev eno1 protp static metric 100 10.13.225.64/28 dev eno1 proto kernel scope link src 10.13.225.66 metric 100

cat /etc/sysconfig/network-scripts/ifcfg-eno1 TYPE=Ethernet BOOTPROTO=none DEFROUTE=yes IPV4_FAILURE_FATAL=yes IPV6INIT=no IPV6_AUTOCONF=yes IPV6_DEFROUTE=yes IPV6_PEERDNS=yes IPV6_PEERROUTES=yes IPV6_FAILURE_FATAL=no NAME=eno1 ONBOOT=yes IPADDR=10.13.225.66 PREFIX=28 GATEWAY=10.13.225.65 DNS1=XX.XXX.XXX.XX DNS2=XX.XXX.XXX.XX

But the problem that earlier i had done nothing after fresh installation i just check ssh locally it was working and ping google.com too and after trying to access from outside network to server from windows machine it said permission denied and after that at server i tried ping google.com it said unable to resolve host

MS Active Contributor Community Member 357 points
23 July 2018 10:42 AM

Can you make traceroute to google.com and check if it is goign through the gateway or not .

VJ Community Member 65 points
23 July 2018 11:06 AM

root@sab> traceroute google.com google.com : Temporary failure in name resolution Cannot handle "host" cmdline arg "google.com" in position 1 (argc 1)

MS Active Contributor Community Member 357 points
23 July 2018 11:16 AM

Looks like name resolution issue fro your node Can you send this output

dig www.google.com

And also output fro /etc/resolv.conf

VJ Community Member 65 points
23 July 2018 11:24 AM

I'm sorry i don't have dig and installing dig i have to resolve depedancies of bind-utils

but here is cat /etc/resolve.conf search example.org nameserver XX.XXX.XXX.XX -> these are ip address that is been provided by my Internet provider -> DNS1 nameserver XX.XXX.XXX.XX -> these are ip address that is been provided by my Internet provider -> DNS2

MS Active Contributor Community Member 357 points
23 July 2018 11:30 AM

if yyou dont have dig you can do nslookup

nslookup www.google.com

SM Guru 3731 points
23 July 2018 12:08 PM

I guess your system gateway is not reachable, could you ping the gateway IP from local system and check if that works.

VJ Community Member 65 points
24 July 2018 4:19 AM

Looks like my problem solved as i moved to ubuntu 16.04 and setuped DNS properly, thanks a lot for your help.

Appericate your help.....

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.