3

I have a virtual machine running RHEL 6, which I can only access after ping.

[user@localhost ~]$ ssh remotehost
Connection timed out.
[user@localhost ~]$ ping remotehost
PING remotehost.example.com (10.1.60.93) 56(84) bytes of data.
64 bytes from remotehost.example.com (10.1.60.93): icmp_seq=1 ttl=61 time=1.65 ms
^C
--- remotehost.example.com ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 622ms
rtt min/avg/max/mdev = 1.656/1.656/1.656/0.000 ms
[user@localhost ~]$ ssh remotehost
user@remotehost's password:

Everything else seems to be working fine with no problem, but I still couldn't reach the root of this issue. What might be causing this behavior?

  • Smells like port knocking – Kitet Sep 22 '16 at 16:05
  • @Kitet, why's that? – Frederico Martins Sep 22 '16 at 16:13
  • There's a technique called port knocking, where normally a service port appears closed on a remote machine by firewall. Only when you connect to a correct sequence of other ports on that machine, a firewall opens the target service port and you can connect. In your case, the "correct sequence of ports" might be just a ping. That's why I thought you have port knocking turned on. I just don't know jack about rhel 6, so I won't try to explain how to turn it off. – Kitet Sep 22 '16 at 16:17
  • Are you the admin of the remote system? – user9517 Sep 22 '16 at 16:20
  • @Iain, indeed I am – Frederico Martins Sep 22 '16 at 16:23
  • Is Proxmox your hypervisor? This is a common issue when the network bridge wasn't configured properly, and the host machine doesn't know which VM should be addressed by a given IP, but gets temporarily acknowledged on ICMP. – Tim Sep 22 '16 at 16:29
  • To validate the answer about the duplicate IP: check your ARP table when your SSH is not working, then ping and check your ARP table again. You should have two MACs matching your IP. – kranteg Sep 22 '16 at 18:16
  • @Tim, I have ESXi – Frederico Martins Sep 23 '16 at 08:05

2 Answers

1

I also had this issue. I found out that the destination host had the wrong netmask set on the interface (it was using /24 instead of /16). Once I fixed this and rebooted, I could connect immediately.

1

Could be a multiple IP issue (same IP for 2 machines) or a DNS problem. Port knocking is less likely because using ICMP for port knocking would be pretty dumb (since ICMP has no port).

Try to change the IP address for testing purposes and edit the DNS entry.

Broco
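
The ARP-table check suggested in the comments for the duplicate-IP theory, as an added example that is not part of the original thread: it compares two saved `ip neigh show` snapshots and reports any IP whose MAC address changed between them. It assumes it is run on a machine in the same layer-2 segment as the address (ARP entries do not cross routers); the function name, the MAC addresses and the extra IPs in the sample are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: diff two neighbour-table snapshots taken around a ping.
# Capture them on a host in the same L2 segment as the target, e.g.:
#   ip neigh show > before; ping -c1 remotehost; ip neigh show > after

# mac_changes BEFORE AFTER -> prints "ip old_mac new_mac" for each IP whose
# MAC differs between the two snapshots (hypothetical helper name).
mac_changes() {
    awk '
        # Return the MAC following the "lladdr" keyword, or "" if absent.
        function mac(   i) {
            for (i = 1; i < NF; i++)
                if ($i == "lladdr") return tolower($(i + 1))
            return ""    # FAILED / INCOMPLETE entries carry no MAC
        }
        # First file: remember the MAC seen for each IP.
        NR == FNR { m = mac(); if (m != "") before[$1] = m; next }
        # Second file: report IPs that resolved to a different MAC.
        {
            m = mac()
            if (m != "" && ($1 in before) && before[$1] != m)
                print $1, before[$1], m
        }
    ' "$1" "$2"
}

# Constructed sample snapshots: only 10.1.60.93 comes from the question,
# every MAC and the other addresses are made up.
tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' EXIT

cat > "$tmp/before" <<'EOF'
10.1.60.1 dev eth0 lladdr 00:50:56:00:00:01 REACHABLE
10.1.60.93 dev eth0 lladdr 00:50:56:aa:bb:01 STALE
10.1.60.94 dev eth0  FAILED
EOF

cat > "$tmp/after" <<'EOF'
10.1.60.1 dev eth0 lladdr 00:50:56:00:00:01 REACHABLE
10.1.60.93 dev eth0 lladdr 00:50:56:CC:DD:02 REACHABLE
10.1.60.94 dev eth0 lladdr 00:50:56:00:00:94 REACHABLE
EOF

# An IP listed here answered ARP from two different MACs, which is what a
# duplicate address (or ARP spoofing) looks like from a neighbour.
mac_changes "$tmp/before" "$tmp/after"
```

An entry that goes from unresolved to resolved (10.1.60.94 in the sample) is not reported, since only a change from one MAC to another points at two machines sharing the address.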