hugh nicks
January 16th, 2003, 11:17
hey guys. long time no post for me...
i've just set up a redhat server on my company's network to run a specific organizer program, and everything seems ok. i've assigned the box a static ip, and entered it into my hosts file on my freebsd server. from a client box (win xp), i can't ping the redhat server. what did i forget? i have everything running through a samba domain. i know i'm just forgetting something silly.

:oops:

thanks in advance guys.

btw, happy new year everyone.

h. nicks

hugh nicks
January 16th, 2003, 12:06
i almost forgot....i can't ping the redhat box from my main file server, but i can ping the file server from the redhat box. sorry again.

-hn-

bsdjunkie
January 16th, 2003, 12:12
Can you post more information? Like ifconfig -a output, address of boxes in question, routing tables, etc??


:roll:

hugh nicks
January 16th, 2003, 12:22
for which computer? which do you want the info for? my domain has been running for a few months now with no complaints, it's just the redhat box that doesn't work. it has it's ip, i can surf the net on it, it can ping my main server at 192.168.1.2. however, when i ping from my main box to the redhat box,(1.5) i get....ping: sendto: Host is down.
what other file do i need to make an entry in besides the hosts file?

thanks junkie.

-hn-

bsdjunkie
January 16th, 2003, 12:30
Whats the IP address on the redhat box? Is it on the same subnet as the other server? Almost sounds like a route is missing one way.

hugh nicks
January 16th, 2003, 12:34
sorry, should have made it clearer on the last post.

apollo 192.168.1.2
redhat 192.168.1.5

Kernel_Killer
January 16th, 2003, 12:39
Since you are trying to get a connection from a Win machine to it, did you try to do a 'tracert' to see if the connection is going through correctly? If you hit 192.168.1.5, you might have just blocked port 7 I believe it is to where pings are worthless.

bsdjunkie
January 16th, 2003, 12:45
Would it be possible for you to get a tcpdump session of whats going on? I think that would make it obvious where the issuse is.

hugh nicks
January 16th, 2003, 12:45
the only thing i tried on the win machine was to use the client app to connect to the redhat server. once that didn't work, i went right to my other server, and tried the ping. so this is a direct server to server lookup. the win box is a non issue right now.

but....

if i do the tracert on the win box, this is what it spits:

1 * * * request timed out
2 * * * request timed out
so on and so forth...

hugh nicks
January 16th, 2003, 12:47
Would it be possible for you to get a tcpdump session of whats going on? I think that would make it obvious where the issuse is

i'm not familiar with how to do that junkie. sorry, i've just never done it before.

thanks.

bsdjunkie
January 16th, 2003, 12:49
I dont know if this could be an issue or not, but when installing redhat, did you install the firewall with it at a high security level? Ive never used redhats firewall setup, but im wondering if maybe a high level would block ICMP.

Kernel_Killer
January 16th, 2003, 12:51
This is the thing, even the first connection you're going into, rather it be a router, hub, another computer, whatever, is also blocking the connection. You should be getting resolution upon the hops. Can your Win box connect to anything?

hugh nicks
January 16th, 2003, 12:52
good thought junkie, but i know that i didn't. i remember seeing that optin during the install, but i didn't set it. does anyone know of a surefire way to check that?

Kernel_Killer
January 16th, 2003, 12:56
I'n RedHat, go into CLI, and type 'setup'. Go to "Security". Maybe the place you are looking for.

hugh nicks
January 16th, 2003, 12:58
for kk..

my win laptop (192.168.1.147) can connect to my samba domain. my main server is 192.168.1.2. i can see all the shares in my domain, and browse through them.

i am using putty to connect to my server (192.168.1.2) and can do everything as if i was sitting at the console.

the redhat box is 192.168.1.5. I can ping my main server. i can surf the net.

the only thing i can't do connect to the redhat server. from anything.

hope this helps!

Kernel_Killer
January 16th, 2003, 13:07
Ty. Helps quite a bit. Just let's me know that RH has been set to block such ICMP/IGMP instuctions. Also, you might want to check out the app for RH security, GuardDog. Really easy to setup, but very intricate if high-paranoid security is needed. A little more cutomization in it than the RH firewall utility in 'setup'. You can also check out FireStarter. Not as good as GuardDog though. :P

hugh nicks
January 16th, 2003, 13:24
unbelievable.

i tried going into the "setup" on the redhat box, and realized that its not taking any of my changes. no matter what i put in, as soon as i close the window, everything resets. looked closer at the ping screen, and the stupid box is dhcping an address. i can't get it to stop, even when i hardcode an ip into the setup screen. what the *^&# is going on?

this entire time i thought the ip was set to 1.5, but its 1.120. i'm confused because the only place i set these parameters was during the install. no dhcp, no firewall, static ip.

stupidness. :x

anyone know how i can turn off dhcp, without using "setup" from the command line?

hugh nicks
January 16th, 2003, 13:44
i figured it out. after that dhcp fiasco, i rebooted the box, set my stuff in again, and bingo. i'm up and running. i think what happened was the box must have dhcp'd an address while i was setting it up, and it never released it because i never rebooted. i never rebooted because once i got redhat installed, i installed my program, got it configured and up and running, and tried to connect from my client. that was yesterday evening. so when i came in today, everything was as it was last night. the reboot got rid of the dhcp client, and i now have a static ip. my client can connect, my server can see the redhat box now, and superman has returned to his fortress of solitude.

sorry to bug everyone this morning with that crap. thanks to all those who helped, because it was talking through it that got led me to figure out what the issue was.

thanks again.

-hugh nicks-

Kernel_Killer
January 16th, 2003, 16:31
The only bad thing about 'setup' is that it doesn't reboot the services that it alters. :P

Great to see all went well. :D

bsdjunkie
January 17th, 2003, 09:44
=)

schotty
January 17th, 2003, 16:54
sorry to chime in late, but sometimes a "sudo /sbin/service network restart" will help out more than you think. That will restart the network devices.

elmore
January 18th, 2003, 03:00
Sorry guys but I needed to move this to a more appropriate forum.