0

Background: I have a web server hosted on 10.20.30.177:7000 and it should be accessible from 10.20.30.1 (m1) and 172.17.2.88 (m2). I am able to access from m1 and not from m2. I understand there can be 100 of reasons for this behavior and i am working towards that, and 1 of them is analyzing tcpdump output on the web server and comparing traffic coming from m1 vs m2. I am very new and don’t understand much on tcpdump but I captured and compared and observed below 2 points:

  1. for incoming traffic to webserver few options are different, see this image:

enter image description here

  1. for outgoing traffic from web server: there is no outgoing traffic for request coming from m2. detail log: https://forum.openwrt.org/t/portforward-not-working-to-access-lan-machine-from-wan/88235/22?u=vermapraveen

Can missing option in incoming request cause no outgoing traffic?

berndbausch
  • 1,033
  • 8
  • 12
PKV
  • 101
  • Most likely, the web server has a firewall in place and doesn't accept connection requests from certain subnets or addresses. Check the netfilter rules in place, or the configuration of your firewall software. – berndbausch Feb 11 '21 at 15:03
  • Is 10.20.30.1 your gateway to 172.17.2.88? If so, has your web server a route to 172.17.2.88 with 10.20.30.1 as the next hop? – Mathias Weidner Feb 11 '21 at 15:39
  • 1
    Your packet captures aren't showing enough packets to analyze - make sure you are capturing in BOTH directions. 3-Way Handshake (google it to find out why it's important) In a Nutshell: You should be getting a SYN from the client (check!), replying with a SYN-ACK (not shown in capture but should be), and client responds with an ACK (not shown in successful capture). There's about a 99% chance you either don't have the routing correct and the SYN-ACK is not going to the router correctly, or the router is blocking the outgoing SYN-ACK. – Brandon Xavier Feb 12 '21 at 07:19
  • thanks, my original issue for which i was looking into this is resolved. but this gave me some idea on what to capture and analyze. – PKV Feb 13 '21 at 02:44

0 Answers0