1

I have an ubuntu box at a local IP behind an Arris router from my ISP. I've setup port forwarding on the router for port 80 such that it forwards TCP/UPD to the local IP of the ubuntu box.

However, I cannot telnet using the public IP, and I can't access apache's welcome page on ubuntu via the public IP. I can telnet to ubunut's local ip from my mac on port 80 and can ssh into it as well. I have also disabled the firewall on Ubuntu for testing, yet I'm still unable to access ubuntu via the public IP.

I have checked and port 80 is open on the public IP so is 22, but not 21.

Not sure where to go from here. Any advice?

Edit: The output of traceroute is as follows:

traceroute to 72.24.237.82 (72.24.237.82), 30 hops max, 60 byte packets
praha-4d-c1-vl55.masterinter.net (77.93.199.253)  0.499 ms  0.493 ms  0.544 ms
ae-5-5.car1.KansasCity1.Level3.net (4.69.135.229)  149.079 ms           
CABLEONE.car1.KansasCity1.Level3.net (4.53.32.30)  146.839 ms  146.722 ms
CABLEONE.car1.KansasCity1.Level3.net (4.53.32.30)  146.163 ms  146.822 ms *
* * *
* * *

Which I think means that CABLEONE.car1.KansasCity1.Level3.net is not allowing anything to get past it. But what does that mean exactly?

mgorven
  • 31,399
Sam Hammamy
  • 199

3 Answers3

3

Many routers don't support this sort of back-traversal.
(Connecting to the outside from a machine on the inside.)
That may be part of your problem.

Further more: For telnet you need port 23, 22 is SSH and 21 (together with 20) is FTP.

To check that the port-forwarding is actually working properly you can use something like ShieldsUp! (www.grc.com, Click on the ShieldUp! logo and on the next page it is in the "services" menu.)

Tonny
  • 6,360
  • 1
  • 20
  • 31
0

ICMP echo from outside to the router IP. You can use traceroute or ping to do that. If it reaches the router then check if the apache is running, if it listening on port 80.

netstat -patn

I think the problem might be in forwarding rule. it might be setup to the non-existing ip or to wrong port. I don't really see any other option.

Well to be honest i do not see the issue. I have just connected to the IP http: // 72 . 24.237.82/ and it is working totaly fine.

this is my request:

GET http:// 72 . 24 . 237 . 82 / HTTP/1.1
Host: 72.24.237.82
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:14.0) Gecko/20100101 Firefox/14.0.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: pl,en-us;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate
Connection: keep-alive

And this is the response from your server:

HTTP/1.1 200 OK
Date: Fri, 27 Jul 2012 18:40:44 GMT
Server: Apache/2.2.22 (Ubuntu)
Last-Modified: Fri, 27 Jul 2012 06:40:58 GMT
ETag: "5427ef-b1-4c5c9feaa5dc5"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 177
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

<html><body><h1>It works!</h1>
<p>This is the default web page for this server.</p>
<p>The web server software is running but no content has been added, yet.</p>
</body></html>

Is it possible that you try to use the external IP address from whithin the network that you want to connect to? So is the router that you want to connect through the same that you are passing while connecting the internet? If so - this is impossible in many cases.

mnmnc
  • 203
-2

Have you tried to disable selinux? Or at least put it into permissive mode?

I find if i ever have an issue like this, the normal resolution is disabling selinux!

bob
  • 1