On Sat, 2015-04-04 at 16:47 -0500, Gregory P. Ennis wrote:
> Everyone,
>
> This morning I did a manual yum update on our a mail server to 7.1
> without any incident or problems. A new kernel was installed, and I
> rebooted after the update.
>
> When I rebooted the machine I could not gain ssh access to it from an
> external ip address. I was able to ssh to this mail server through a
> different machine on the local network.
>
> At first I thought the problem was related to the firewall. I stopped
> firewalld, and fail2ban, and clear all firewall rules without being able
> to gain access.
>
> I disabled firewalld, and fail2ban. I enabled iptables and started it
> without a problem, but I could still not gain access. I removed all
> entries in the host.allow and host.deny files, and this did not make a
> difference either.
>
> On one of the various reboots I tried to use the previous kernel before
> today's update, but there was no success.
>
> I can scan the mail server and reach it without a problem from the
> internal network but I am not able to reach it from outside the local
> network. I have the mail server behind a Centso 5.11 machine that is
> the gateway router for the internal network, and the mail server is nat
> addressed with it's external ip address to the internal machine. I have
> had this configuration set up for over 7 years. I tweaked the Gateway
> router to nat address the mail server's ip address to a different
> machine inside the network and everything worked perfectly like it
> should, and then re-adjusted the gateway router again back to the mail
> server and am not able to gain access from outside the local network.
>
> "traceroute" does not get to the mail server from outside the local
> network, but works fine inside the local network.
>
> Bottom line, this does not look like a host.deny, host.allow problem,
> nor does it look like a firewalld or iptables problem. And it does not
> appear to be a problem with the gateway server.
>
> Is there another feature of CentOs 7.1 that I need to evaluate? Has
> anyone else had this problem after the 7.1 update?
>
> Thank you for your help!!!!
>
> Greg Ennis
>
---------------------------------------------------------------------
I sure need some help on this one, if any of you have ideas of what to
do next I would surely appreciate it. An additional aspect of this
scenario is that when I have used ssh to connect to this mail server via
the internal network, I am able to ssh out of the machine to one of the
internal networks or remotely to a different network. If no one else
has had this problem with 7.1 then it is obviously something I have
done, but right now I am at a loss.
Greg
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
