-2

i am using below command in the server but it cant connect to given ip and port, I tried to telnet from another locations and it works fine. Only in my server it cant connect. 

telnet
open 151.XXX.235.47 9001

Trying 151.XXX.235.47... 
telnet: connect to address 151.XXX.235.47: Connection timed out

I tried to open debuggin in telnet by using

telnet> toggle debug
Will turn on socket level debugging.

But telnet still gives same output

Trying 151.XXX.235.47... 
telnet: connect to address 151.XXX.235.47: Connection timed out

What should i check in the server to get an idea why it cant connect?

EDIT :

It seems there was a problem with my firewall, we reinstalled it and problem fixed. Thanks for help

user2314575
  • 3
  • 1
  • 6
  • iptables, static routes and/or default gateways if not in the same segment – dawud May 04 '13 at 11:59
  • What do you mean by same segment? – user2314575 May 04 '13 at 14:32
  • Given a /24 mask, your segment is the whole 255 address space. You don't give specifics, so we can only guess. Anyway, you have an answer below that is probably right, did you try it? – dawud May 04 '13 at 15:13
  • yes, i tried it but still server cant access. What specifications can i list here to give more information? – user2314575 May 04 '13 at 15:19
  • `ping $server"`, `traceroute $server` on $server `tcpdump port 9001` during a connection attempt, `iptables -L INPUT -vn` as requested below. – dawud May 04 '13 at 16:07

1 Answers1

4

The first thing to check is your firewall. By default CentOS won't have port 9001 open and unless you've taken steps to open it it's most likely your problem. Take a look at the output of 

iptables -L INPUT -vn

and see if there is a rult that would allow traffic on port 9001. If there isn't or there isn't an obvious rule to allow the traffic then try

iptables -I INPUT -p tcp --dport 9001 -j ACCEPT

If this doesn't fix your problem then it could be any number of other things like for example another firewall between you and the destination that is blocking the port etc...

user9517
  • 115,471
  • 20
  • 215
  • 297
  • i have the rule added like this : pkts : 0 bytes : 0 target : ACCEPT prot : tcp opt : -- in : * out : * source : 0.0.0.0/0 destination : 0.0.0.0/0 tcp dpt:9001 . Shouldnt destination be my ip? if so how can i modify it? – user2314575 May 04 '13 at 12:30
  • @user2314575: 0.0.0.0/0 means any address ... – user9517 May 04 '13 at 12:39
  • After i run "service iptables stop" on the server, It was able to access, but i dont think stopping iptables is good idea. – user2314575 May 04 '13 at 15:35
  • @user2314575: edit your question and include the output of `iptables -L -v -n` – user9517 May 04 '13 at 20:15