I have two servers over which I am trying to install some software. One is server1 (IP 10.1.2.205) and the other is server2 (IP 10.1.2.206). Both are able to ping each other by name and by IP address (i.e. from server2 I can ping server1 or ping 10.1.2.205).
I have the following output when I type in netstat -lnt on server1:
Proto Recv-Q Send-Q Local Address        Foreign Address      State
tcp        0      0 0.0.0.0:111          0.0.0.0:*            LISTEN
tcp        0      0 0.0.0.0:22           0.0.0.0:*            LISTEN
tcp        0      0 127.0.0.1:631        0.0.0.0:*            LISTEN
tcp        0      0 127.0.0.1:25         0.0.0.0:*            LISTEN
tcp        0      0 0.0.0.0:52666        0.0.0.0:*            LISTEN
tcp        0      0 0.0.0.0:6817         0.0.0.0:*            LISTEN
tcp        0      0 0.0.0.0:6818         0.0.0.0:*            LISTEN
tcp        0      0 0.0.0.0:5672         0.0.0.0:*            LISTEN
tcp        0      0 :::111               :::*                 LISTEN
tcp        0      0 :::22                :::*                 LISTEN
tcp        0      0 ::1:631              :::*                 LISTEN
tcp        0      0 :::36483             :::*                 LISTEN
tcp        0      0 :::5989              :::*                 LISTEN
Now when I try using the netcat command from server2, I get the following results:
nc -v 10.1.2.205 22
Connection to server1 22 port [tcp/ssh] succeeded!
SSH-2.0-OpenSSH_5.3
nc -v server1 22
Connection to server1 22 port [tcp/ssh] succeeded!
SSH-2.0-OpenSSH_5.3
The problem is with the following outputs, though:
nc -v server1 5989
nc: connect to server1 port 5989(tcp) failed: No route to host
I get the same response on every other port.
No other port on server1 responds.
My ports of interest are the 6817 and 6818 ports. I have an application that needs to listen and respond on these ports between these two machines.
Output of iptables -L:
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     icmp --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ssh
REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

What could be wrong?
Best Answer
I think you are using CentOS. As you can see in the iptables rules, all TCP connections other than on port 22 are blocked.
Try flushing iptables rules by :
This should remove all iptables rules. Let me know whether this works or not.
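
A narrower alternative to flushing the whole ruleset, added here as an example (it is not part of the original answer): find the catch-all REJECT in the INPUT chain and build an ACCEPT rule for ports 6817 and 6818, limited to server2, that is inserted just above it. The helper names and the SAMPLE listing are constructed for illustration from the output in the question, and `service iptables save` assumes a CentOS 6 style init script.

```shell
#!/bin/sh
# Added example, not from the original post. SAMPLE is constructed from the
# question's INPUT chain, laid out as `iptables -L INPUT -n --line-numbers`.
# Rule 3 is assumed to be the loopback rule (-i lo); `iptables -L` without -v
# does not show the interface column, so it only looks like "accept all".
SAMPLE='Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
2    ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0
3    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
4    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22
5    REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited'

# Read a numbered chain listing on stdin and print the number of the first
# REJECT/DROP rule. Rules are evaluated top-down and the first match wins, so
# a new ACCEPT only takes effect if it sits above this rule.
# Returns non-zero when the chain has no REJECT/DROP rule.
first_block_rule() {
    awk '$1 ~ /^[0-9]+$/ && ($2 == "REJECT" || $2 == "DROP") { print $1; found = 1; exit }
         END { if (!found) exit 1 }'
}

# Build (but do not run) the command that opens TCP ports to a single peer.
# $1 = peer IP, $2 = comma-separated ports; numbered listing on stdin.
build_accept_rule() {
    pos="$(first_block_rule)" || { echo "no REJECT/DROP rule found" >&2; return 1; }
    printf 'iptables -I INPUT %s -p tcp -s %s -m state --state NEW -m multiport --dports %s -j ACCEPT\n' \
        "$pos" "$1" "$2"
}

# Dry run against the sample. On server1, as root, feed the live chain instead:
#   iptables -L INPUT -n --line-numbers | build_accept_rule 10.1.2.206 6817,6818
# Review the printed command, run it, re-test with nc from server2, then
# persist the rule with: service iptables save
printf '%s\n' "$SAMPLE" | build_accept_rule 10.1.2.206 6817,6818
```

Unlike a flush, this keeps the existing REJECT in place for every other port and every other source address.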