Koozali.org: home of the SME Server
Legacy Forums => General Discussion (Legacy) => Topic started by: croppa on February 12, 2005, 10:50:24 AM
-
I have 2 SME Server boxes running 6.01. Both are accessable room the net as they should be both are running ClamAV and working fine except they will not communicate with each other (will not ping, recieve email, go to the web site on the other or in any way accept that the other exists). I am at a complete loss as to whot I have done (or not done) and do not know where to start. This is the second time this has happend. The last time I reinstalled bothe boxes from scratch. Thanks in anticipation
Stuart
-
Croppa,
That's strange because they are just like any other boxes. I'm really curious...
1. Can you connect to both boxes from the LAN using a third machine?
2. Can both SMEs ping the third machine?
3. Are they even on the same LAN?
There is a lot that isn't clear about you configuration. Give us some more details.
-
Thank you Jay for your reply. The two boxes behave normaly other than will not comunicate in any way with each other. I am at a complete loss. (I am not wildy experenced with Linux however I mostly use it at home).
You can ping from outside from any other machine on the net, send emails etc. but not from or to each other. Both machine are on ADSL conections one at home one at work. They were setup so I could access the server manager from the other but not from any other IP.If you would like further information please ask as I do not know whot you may wont.
Thanks Stuart
-
Stuart,
Okay. so these two machines are configured on two different LANs and they should communicate across the Internet. Are they also configured as 'gateways'? If so, can machines behind the gateway connect to the other machine?
PC---SME---DSL----Internet----DSL---SME---PC
Can you connect from PC to distant SME?
Finally, how are you testing connections. I heard you say that you are pinging and trying to connect to the web server on the distant machine and that you fail. How are you testing? Are you using the command line interface on a SME? wget?
Of course, you've configured "Remote Access" to allow connections, remembering that you need to use the NAT-ted IP Address (because the DSL routers most cretainly change the IP)... right?
-
Yes this is the arrangement amd no other machines behind cannot ping or contact. Everything use to work properly then it became impossiable to pickup mail from the other then after sone time it all failed. I had the remote access working fine before. It is a big puzzle to me. I cannot ping either from either SME box or from other machines behind the SME box to the other SME box however I can ping from machine to say google or wherever. I had setup SSH Authentication and this also went well and now I cannot get to the box for this to work.
Thanks for your interest so far. I think there may be a corrupt or altered config file somewhere, but where I do not know. (I just suspect this I donot know for shure)
Stuart
-
Stuart,
I don't believe the 'corrupt file theory'... because you said you rebuilt both SMEs. Also, if both machines are able to interact with the Internet (at large) but not each other... that sounds more like a problem with a firewall... probably on one or both SMEs.
I would check your "remote access" very carefully. Each SME should have the IP Address and an appropriate mask for the other listed in it. Without this, you will not be able to access the GUI on the distant end.
jay@hitechsavvy.com
-
Thanks Jay for your continued interest
The idea of a problem with my firewall sounds quite feasable. The two machines were working back and fowards when they were first installed and for abuot 8 months.
Do you think the remote access (currently set at Remote Management set to allow the work ip on the home machine, with 255.255.255.255, ssh to allow public access (I would normally set to off and switch on with remote management when needed), PPTP 0 FTP set for internal only).
Where might I look at in firewall config.
If you go to
http://budgetscreens.homeip.net/
you will get the website under construction page.
I get
ERROR
The requested URL could not be retrieved
While trying to retrieve the URL: http://budgetscreens.homeip.net/
The following error was encountered:
* Connection Failed
The system returned:
(110) Connection timed out
The remote host or network may be down. Please try the request again.
Your cache administrator is admin@xxxxx.mine.nu.
Generated Tue, 15 Feb 2005 11:12:52 GMT by boss.xxxxx.mine.nu (Squid/2.4.STABLE6)
Thanks again
Stuart
-
Hmmm.
I'm going to summarize this problem really quickly:
1. You have a simple setup of two SME servers
PC---SME---DSL----Internet----DSL---SME---PC
2. Each end PC can connect to anything on the Internet, but they cannot connect to the remote SME.
3. Each SME can connect anywhere on the Internet, but they cannot connect to the other SME
4. You are testing with http.
If this is the case, then the only problem I can see is with your DSL routers. I think they are the problem. Are the programmed correctly. You will need to forward ports from the DSL to the SME, or forward and entire IP through the DSL router.
Does this make sense? These little DSL boxes will allow you to connect from the inside to anywhere on the Internet, but they won't let the Internet connect to them without YOU programming it.
Hope this helps.
-
Other assumptions worth checking.
1 Are both IPs trully static?
2 Does your ISP block port 25
3 Does your browser use a proxy (I.E is the proxy recorded as a trusted address on the remote machine)
4 Are you trying to connect via IP Address or DNS (what happens if you use ip.address not name)
5 Are the domains common on either machines (I.E. mycompany.com on both machines)
-
Stu ... I like #5 :hammer:
-
Hi Jay,
then I thought....
homeip.net is a dynamic address so don't know how quickly the new address is posted/registered.
I suppose the local cached DNS could screw things up?
Not sure what the equivalent to windows ipconfig /flushdns is.
Being able to ping budgetscreens.homeip.net is no guarantee that the machine responding (or not responding) is the actual machine (if the adress is old or DYNDNS no updated)
Maybe it is worth checking the frequency and success of Dyndns update.
-
Thanks to you both
Both ADSL Modems are simple modems and the SME server does the atenticating.
Both SME machines are on fixed IP.
Each machine is setup to a different DYNDNS Domain and setup with a static IP.
From each direction dyndns resolves to the correct IP when they are pinged.
My service provider does not block any ports.
My browser is not setup to use a proxy.
Thanks very much for yor help
Stuart
-
Well Stuart...
Nothing can be wrong then. I mean... if you can go to some other place on the Internet and get into both boxes... but you cannot connect from one box to the other.... and you've checked everything else... I am at a loss. I don't know what it could be.
Maybe it's something obvious. If you need a hand with this send me an email.
-
I also am stumped.
I just bypassed the sme server and set up a normal Linux box to the modem. I still could not connect with the other however I could not try the other way. I will try to in the morning. I tend to think that it may be in the firewall and it is blocking the others IP but I have no experence in iptables.
Thanks for your help and I will report when I know more.
Regards Stuart
-
On reinstalling one box things did not improve in either direction but as soon as I had reinstalled boxes on each end they both saw and worked with each other. I am at a loss to explain whaty has caused my problem. Any help would be greatly appreciated to make sure that I do not have the problem again.
Thanks Stuart :idea:
-
Glad to see I'm not the only one with a problem like this.
I've got SME 6 running here at work for the last 8 months and works great until about 2 weeks ago.
We setup a SME 6 box for a client and it's working great for them reverse dns setup, email server, file server, they love it.
I setup remote access so I can monitor it for them and had been able to access it for about 3 weeks without a problem.
Suddenly I come in one Monday morning and its gone, initially I thought they'd done something silly like shut it down over the weekend. By about 10 that morning when I hadn't heard anything I thought that was it, but I still couldn't access it, no ping, no webmail, no nothing.
I can access it from home without a problem and after some stuffing around found that if I bypass the SME box and connect straight to the net I can access it from hare as well, nothing on the box had changed that weekend except for maybe a clamav update.
I still haven't got to the bottom of it (mainly because of lack of time)......
-
I never did find out what caused the problem however I have had the same problem to another box. the only way I have beem able to resolve it is to reinstall.I do only have a small knoledge of Linux but am learning .Thanks All
Stuart
-
Thats one path I refuse to go down. There has to be a reason for it and when I get the time or they start hitting on me for remote stuff I'll have to have a look at it.........
-
Agreed however I never found it. You have probably looked through the rest of the posts on this.I tended to think it was in the authentication but never found out and with my little knowledge I was lost. I would like to know the cause though. I was trying to use the VPN built into SME and I understand many people seem to have problems with this Just a thought.
Stuart
-
No, I'm running open vpn between here and home and it doesn't/hasn't missed a beat. I never used the bilt in vpn client because of all the posts here complaining about the lack of stability. Openvpn has been rock solid for over six months now. The only time it disconnects is when we have a Telstra problem or I need to reboot a modem at one end or the other. Somewhere along the way I will figure it out.
-
Please keep me informed
Thanks
Stuart