I have the following topology:
Basically 2 subnets, 10.0.27.0 and 192.168.0.0.
I have a floating ip that I assign to one of the machines using the interface in the 10.0.27.0 subnetwork, and it works fine. I added the rules for allowing the ssh traffic. However, when I try to do the same for the interface in the subnet 192.168.0.0, it doesn't work. After a nmap I can see that the port is closed, so I don't know what is happening. Any help is appreciated.
So many possible reason,
Did subnet 192.168.0.0 has opened port? did you test it first?
Did you try to change the subnet into 192.168.0.1? test by changing the subnet into that first. Using default subnet end with 0.0 or 1.1 value sometimes in different environment cause a problem.
You may share what environment you setup this topology and how you do this?
Is it through virtualised network environment or using physical network (switches or router).
Related
Comcast installed a Juniper Universal Access Router ACX1100, I plugged our switch to the port that the technician told us that is in/out port. But nothing happened, after reading and asking I was told that I need a managed switch to be configured with the gateway IP and that IP is a /29. That's where I got lost. According to him there are 6 usable IP's.
example:
Gateway: 192.168.120.161/29
Usable Range: 192.168.120.162 - 192.168.120.167
One of my multiple questions is what hardware do I need to be able to connect my PC's?, I configured a managed switch, but when I connect my laptop to it I get Unidentified Network and No Internet Connection.
I have been reading and I think I need a VPN with DHCP server integrated.
If some one can help me I'll appreciate it.
/29 is the subnet mask, it can also be expressed as 255.255.255.248. Basically it defines which part of the IP is the network ID and which part of IP is the host ID.
I think in order to accurate assess your situation, we need to know exactly what kind of configuration you set on the managed switch you purchased, also which managed switch did you purchase?
Also currently on your laptop's NIC, what IP is assigned on there?
Either on your old unmanaged switch or on the managed switch, you can try assigning one of the addresses from the /29 block that the technician told you about statically. And the default-gateway with the addresses you posted in your question.
I'm quite new to this world and I do not have a lot of experience with raspberry PI nor with networking, and I have a doubt:
I am supposed to set a static IP to a raspberry device: ok, easy, lots of tutorials out there. The purpose is: Access a site that is on the rasp, via a network (no internet needed), like you do with your router when you configure it.
HOWEVER, this raspberry will be sent to many different places (imagine it's like a group of friends, each week it will be at one's house. They do not know how to program or set things up or even access the rasp). Therefore.. different networks.
The doubt is: Would a static IP still work in that case? Or is it restrained to one's network DHCP?
If it does not work, any ideas on how can I make it work? I'd like to access a html file hosted on the raspberry, but as its IP changes and suppose I don't know what it is, how can I access this html from my computer, both being connected on the same network?
A static IP is restricted to one network, which means you can just simply set a static IP on each network via the Router-Settings. Or configure it your self with a Bash Script.
A more dynamic way would be to just use the hostname, which leads to an access like this http://yourHostname/yourFile.html than even with a different IP everything is working. This assumes that you're webserver is right configured.
For example an Apache2-Conf with VirtualHost could look like this:
<VirtualHost *:80>
ServerName yourHostname
<VirtualHost>
I would go for a more dynamic solution and avoid using a static IP address, because you don't know which subnets are used in different places. For example a wifi might use 192.168.0.xxx, another one might use 192.168.1.xxx and so on...
Solution: try to use a hostname for your Rpi. You will then access it by using its name and not its IP.
step 1: try to find how to setup your hostname
step 2: you will have to somehow "populate" this hostname to the network. Some use the avahi-daemon for this.
step 3: you might need to install Bonjour to your laptop
More info:
about avahi here: Raspberry Pi not reachable via its hostname in LAN
about Bonjour here:
Accessing Raspberry Web server with a ".local" address?
I have 2 instances running on Compute engine, although the documentation says that I'm able to ping and establish a communication between these VMs I can't. I've tried the ping with VM name and ipv4 address. I also tried to configure new work-group for both VMs and nothing.
Here's the link: https://cloud.google.com/compute/docs/vm-ip-addresses
If you are communicating between instances in the same network, you
can send packets to an instance using the instance name, and the
network automatically resolves the name to the internal IP address of
the instance.
My VMs configuration:
Both are in the same network
I even turn off the firewalls
But no connection between at all.
Anyone passed for the same? someone knows what is going on?
How do I solve this issue?
This is due to firewall rules. You need to add the allow-icmp network tag in the Network tags section of the instances edit page >
You can create new Network tags to open up new ports/protocols in the VPC Network>Firewall rules section:
EDIT 1:
Please note that the 0.0.0.0/0 subnet used on the screenshot above opens up the ports to the entire internet and I only used it for demonstration purposes to avoid sharing my IPs. I would STRONGLY advise against using that subnet for firewall rules in a production environment. The internet is a dark and scary place.
This happens to us from time to time - suddenly our 2 instances cannot reach each other through API or even ping. Even though we haven't changed any firewall rules or anything. I guess it's some GCloud glitch.
Nothing we have tried works, except for restarting the instances, then everything works again. So, if anyone has the same, and nothing seems to help the issue, I suggest, as a last resort, to reboot the instances.
Each network in Google Compute Engine has its own firewall configuration which by default will block incoming traffic to your VM. See the firewall documentation to see how the default network is configured and how to apply similar rules to your custom network.
Be sure the firewall rules include the GCE subnet. In your case, it would mean that 10.10.0.0/24 has icmp allowed.
I'm not sure why the firewall rules apply within the network subnet, but apparently they do.
If you did not change network and or firewall rules and use default network and firewall rules then simply edit hosts file (open hosts on all vm, copy hosts line for each vm and add its all other vm) and then try ping. I have tried same between three centos instance and its working.
Make sure you restart the network on VMs in order to work it fine.
This helped me pretty well.
We are attempting to use a Cisco ASA as a VPN as well as forward traffic to two servers.
Our ISP has given us a range of IP addresses that are sequential.
154.223.252.146-149
default GW of 154.223.252.145, we're using netmask 255.255.255.240
We have the first of these, 154.223.252.146, assigned to the external interface on our ASA and it’s successfully hosting our VPN service. It works great.
The next and final goal is to have 154.223.252.147 forward https traffic to 10.1.90.40 and 154.223.252.148 forward https traffic to 10.1.94.40.
Our current blocker is our inability to get the outside interface of the asa to respond to these ip addresses.
We’ve been able to use 154.223.252.146 to forward https traffic correctly. So we know that works.
I’ve plugged my laptop into the switch from our ISP and have successfully manually assigned 154.223.252.147 and 154.223.252.148 with the default gw of 154.223.252.145 and was happily connected. So we know the IP’s are there and available, we just need to convince the ASA to respond to them and use them to forward https.
We’ve tried plugging cables from the switch into other interfaces on the firewall. This failed because the netmask overlaps with our first outside interface 154.223.252.146 255.255.255.240, Cisco hates this and doesn’t allow it.
We’ve read documentation and have heard that it’s possible to assign a range of IPs to the ouside interface by defining a vlan. We do not know how to successfully make this work and out attempts have failed.
What's the best way to accomplish this configuration with a Cisco ASA?
You don't need to assign multiple IPs from the same range to more than one interface. That doesn't work with Cisco. Instead try a static one to one NAT for your Web server and terminate your VPN traffic on the IP address assigned to the interface.
Watch this video for one to one NAT:
https://www.youtube.com/watch?v=cNaEsZSsxcg
Cisco has an active scanning technology that was enabled on this ASA. We were able to diagnose it by intermittent bad behavior. After troubleshooting long enough we realized that some of the behavior couldn't be consistent with the changes we were making. So we started looking for things that the firewall would be trying to do by itself. That ended up helping us narrow it down. Disabling active scanning allowed our external vlan configurations to work. Now moving on to tightening up the configs.
I have 3 VMs with Ubuntu 12.10: m1, m2 and m3.
Here are their IPs
m1 = 192.168.1.1
m2 = 192.168.2.1
m3 = 192.168.3.1
When I try to ping between them, I get a destination host unreachable.
If I set them to 192.168.1.X, then the ping works fine, so the VM setup is working fine. The issue is when I put them in a different 192.168.X ip.
What's the ideal setup for all 3 machines to be able to ping each other?
If you're using a normal netmask of 255.255.255.0, that means that they are on different subnets. You need to set up some way of routing between them. I don't know what virtualization software you're using, but the 2 most common ones (VMWare and Virtualbox) both have support for configuring and modifying virtual networks.
You will have to look for the network settings config options.
EDIT: Depending on what you're trying to do, dennis' answer may be easier.
Change the subnet mask accordingly: in your case, 255.255.0.0