Summary: If I try to connect to an internal server given its dyndns.org hostname, it works from the outside world, but fails if I try from within our intranet.
I have this network configuration E | Internet | | (EXT-IP) ** R ** (Firewall) | (192.168.1.1) ___|___ | | | | M S M M E: external machine R: router firewall for our intranet S: internal server running Linux (in fact it runs Mandrake 9.0) M: internal machines We do not have a fixed IP for our connection so Dynamic DNS is enabled on the router. Let's say the name of the domain as seen from the outside is xxx.dyndns.org. Not many ports are opened on the firewall (mainly SSH, WEB). Of these ports only one (SSH) is forwarded to an internal server (S). The others (including the http port) are unused as the router does not provide any of these services to the outside. Thus doing a ping EXT-IP or wget EXT-IP ends up with a timeout. Let's say the internal IP of our server (S) is 192.168.1.9. Now if I am from (E): > ssh login@EXT-IP works > ssh [EMAIL PROTECTED] works If I am in my internal network: > ssh [EMAIL PROTECTED] works > ssh [EMAIL PROTECTED] fails > ssh login@EXT-IP fails >From a windows machine, pring and tracert to EXT-IP work. >From any Linux machine on my network (M), I can ping my EXT-IP, but cannot traceroute it. If I log into my router and do a traceroute EXT-IP it still doesn't give me any result (even thought it is my external ip address!). If I do a ping, it still works. I thought that this difference came from my router firewall settings. So I disabled it without luck. tracert on windows still works while traceroute on linux doesn't. Disabling the firewall on the router and to retest these last two comamnds from within the router or from within our internal network, but traceroute stil fails.. To me this seemed like a routing problem from either my router or at my ISP. The routing as seen from my router was: Dest FF Len Device Gateway Metric stat Timer Use 80.212.0.0 00 32 poe0 80.212.0.0 1 03a9 0 0 192.168.1.0 00 24 enet0 192.168.1.1 1 041b 0 1119377 default 00 0 poe0 ISPNAME 1 00ab 0 892835 I tried to drop the first entry. It seemed to be redundant with the 3rd, and as it seemed to not be used (Use=0). That didn't help. Now I am out of ideas. So if anybody can tell me why I cannot make a traceroute on linux or an ssh to my external ip from within my network, I would be happy. Last notes, don't know if they help... My server (S) /etc/hosts file contains the following: 127.0.0.1 localhost.localdomain localhost 192.168.1.9 myname.mydomain.no xxx.dyndns.org myname Note: myname.mydomain.no is not yet a declared host as the sub-domain with the same name has not yet been registered. Cheers, Jerome -- Jerome Lacoste (Frisurf) <[EMAIL PROTECTED]> CoffeeBreaks -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
