SSH No Route to Host - networking

I apologize for the novice question, but have been struggling on this for many hours. I am running Ubuntu Server on Ubuntu 16.04. I can ssh fine into local host (thus know ssh server is running)
However, when I try to log into my server externally, I get the error message shown below (yes I know port 22 is not secure):
I have enabled port 22 on my /etc/ssh/sshd_config file and allowed the ListenAddress to be everything by leaving it empty (tried with other addresses), and ensured that my iptables are open:
Finally, I am using a static IP address. And ensuring that I am forwarding ports:
I am not including a port triggering as I do not believe that it is necessary?
What do I need to do to expose this server externally and be able to SSH into it? Any help is very much appreciated.

Solved, no responses required. My internal ip address that I had my port forwarding selected for was different than the internal ip address that my computer was on.

Related

How to create TCP tunnels with Pagekite

I am a complete beginner when it comes to networking and I am trying to set up a TCP tunnel on my machine using pagekite. I want to route all traffic from a TCP address to a port on my localhost, let's say 8080. I would then start a handler on localhost:8080 to deal with the incoming traffic. I can get this to work with ngrok simply by doing ngrok tcp 8080, but on a free ngrok plan I cannot reserve tcp addresses and ngrok is rather slow, so I opted to try and use pagekite.
Pagekite normally allows easy tunnelling to an HTTP address, but they have a guide here about how to use PuTTY along with Pagekite to create a TCP tunnel proxied by HTTP.
I followed their guide but could use some help figuring out if it does what I want it to do.
I am working on a Linux VM, so I first set up an SSH server with openssh like this: sudo service ssh start
I then exposed that SSH server using pagekite like this: python3 pagekite.py 22 ssh:user.pagekite.me
I then started PuTTY, and configured the Host Name to be user.pagekite.me on port 22, setup an HTTP proxy with the proxy hostname user.pagekite.me on port 443 and finally created a tunnel from the PuTTY machine with source port 8080 and destination localhost:8080.
Now I am not sure what this actually accomplished. I know that the PuTTY machine connected to the ssh server running on my VM and I am able to use the linux terminal from the PuTTY terminal but has this actually created a TCP tunnel from user.pagekite.me:8080 to localhost:8080? Additionally after doing this, if I try to setup the handler on localhost:8080 I get the following error:
Handler failed to bind to 0.0.0.0:8080
Rex::BindFailed The address is already in use or unavailable: (0.0.0.0:8080).
Again I am completely clueless when it comes to networking so if anyone could explain what it is I'm doing and if it is even possible to do what I want the way that I am doing it, that would be quite helpful.

WebSocket-Sharp doesn't respond to public IP address

I have a problem hosting WebSocket-Sharp on a public internet IP. Locally it works fine.
This problem occurs on Windows and Linux.
I do no receive a timeout or an HTTP status code, the page blocks immediately.
I'm 99% sure I have port forwarding set up correctly; I've tried with an Android modem, VPN and regular NAT router setup.
I've tried the following combinations:
192.168.1.2:80 8080 5000 39393
0.0.0.0: ....
public IP: ....
The problem resides in the HttpServer provided with WebsScketSharp. The pure websocket variant (WebSocketServer.cs), instead of the HttpServer option with Get functionality, has an option to set AllowForwardedRequest to true so will be reachable from non localhost addresses. The HttpServer class doesn't support this.
It is partially a solution as I gave up regular GET functionality, but thats fine by me.
Ok, assuming your server with the public Ip addres is Linux:
Check what ports are listening and what program are listening in those
netstat -tulpn
Check your Firewall rules both in the provider and in the Server
sudo ufw status
See if connections are getting to your Server
sudo tcpdump
You can filter for the port of for origin Ip (if you use a proxy that will be different Ip).
sudo tcpdump | grep "80\|123.45.67.89"
That's the only way to see if the packets are getting into the server.
Let me know if you use Docker as thinks work a bit different.
You can create a tunnel and try like if it was local
ssh -L 80:123.45.67.89:80 ubuntu#yourserver.com
Cheers

Cannot Ping Or Remote Desktop into Hyper-V PC Via IP Address On Host

I have a bit of a bizarre problem. I have a Hyper-V VM and I cannot connect to it via IP address on the host computer.
I intend to use it as an SQL server to host a database for a website while I test it, and the first step I can see in this endeavour is to make sure the IP addresses work externally.
Other PCs on the LAN appear to be able to connect just fine via the IP address on Remote Desktop. I cannot do so. I also cannot connect through SQL Management Studio (named pipes or TCP/IP). Although named pipes gives an error relating to being denied access as opposed to IPs which are just not found.
I have tried pinging both ways:
VM => Host : Always gives a "Destination Host Unreachable" error
Host => VM: Always gives a "Request Timed Out" error
As for netstat -a -n, I can see that the VM is listening to 3389 (default Hyper V port, which makes sense).
Regarding Firewalls, all have been turned off on all machines. I can tell that the firewall is not the issue.
If you need any more information to help me to diagnose and treat the problem, please ask me as I would like to get this sorted as quickly as possible.
Thanks a lot in advance.
Which windows server version do you use?
Windows Server 2016 blocks insecure RDP connections (https://support.microsoft.com/en-us/help/4295591/credssp-encryption-oracle-remediation-error-when-to-rdp-to-azure-vm).
Since RDP uses CredSSP you have to install the current Windows Patches.
Do you can ping the DNS server by IP address from your VM?
Is ICMP (ICMP = the thing you need for ping) on your host enabled?
Here is a Checklist for ICMP:
https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc749323(v=ws.10)
Solved,
Just switched to another physical computer and it was fine.

Cannot access chef-server web interface. (No route to host)

I have got chef-server installed on a centos machine.
Everything is working as expected except that I cannot access the chef-server web interface from another machine on my local network.
I can access the web interface from the centos machine itself:
telnet mychefserver.local 4000
Connected
If I do the same from my machine I have got:
telnet: Unable to connect to remote host: No route to host
I can successfully ping mychefserver.local from my machine
Any idea how to configure nginx with chef-server to access the chef-server from the network?
Since Chef Server 10, the web interface uses normal HTTPS (TCP 443), it only listens on the high ports locally, and nginx proxies as needed to the different backend services. I would try with a normal web browser as telnet isn't exactly great at error messages. Normally I would expect that to mean telnet is getting TCP transmission errors, but maybe it is just confused? If it is really a TCP transmit error then more likely the internal DNS is having issues. .local often means mDNS which has uneven support in some places, I would try an actual IP address to be sure.
My issue was iptables.
I stopped iptables and I can access the chef-server from my local network again.

Connecting to Windows localhost (IIS) from another computer

I have a Windows Vista laptop running IIS7 for its localhost. On this machine, I can successfully navigate to:
"http://localhost"
"http://127.0.0.1"
"http://mycpuname"
However, I cannot access this localhost website from another computer on the same network. Ideally I would be able to visit "http://mycpuname" (so that I can hard-code a connection), but at this point I might settle for the IP address of the machine (http://192.000.000.xyz)
I've seen similar questions asked here and elsewhere on the internet... but none of the posts seems to fix the issue for me.
Things I've tried:
- adding exceptions to Windows Firewall to allow TCP ports 80 and 8080
- disabling Windows Firewall entirely
- running the "netsh" commands in this post
Additionally, I am looking at the IP address on the Windows laptop by running "ipconfig" from the command prompt. Oddly enough, trying to access "http://192.000.000.xyz" from the Windows laptop doesn't seem to work...
I have also tried restarting IIS and restarting my machine.
Help?
Go to windows firewall with advanced security, inbound rules and check and see if world wide web services is enabled. I had this same issue, and this fixed it for me.
are you binding to 127.0.0.1? run below command
netstat -an |findstr :80 |findstr LISTEN
if it shows 127.0.0.1, you need change IIS listen to 0.0.0.0
Try netstat -na - it will show you what IP addresses your web server is listening on.
If it's only listening on 127.0.0.1, the loopback, you will have to re-configure the web server to listen on all addresses/interfaces (usually either *.*.*.*, or 0.0.0.0 in some config file, or just some drop-down in some windows dialog somewhere).
If, on the other hand, netstat tells you the web server is listening on *.*.*.* or 0.0.0.0, i.e. all interfaces, then you have to figure out what's blocking the traffic - it's either the local firewall, or something on the path between the two computers.
If you want to access your website from any other computer on your local network then you need to simply type your network IP and port. If you want to access it from internet then you need to configure your IP.

Resources