Cannot telnet and/or connect on some IP

[phototoy_co]

I replaced my old version of Zentyal from v2 to v3 with the new hardware. All seems to be working as expected with 1 issue, i cannot telnet and/or connect on specific IP lets say 10.37.2.17 using the new Zentyal. But when i returned back to original Zentyal everything is working well. I tried pinging using new Zentyal and it has reply, tried telneting to 10.37.2.16 and it is working. I do not know what I'm missing

[klausneil]

you want this to be done on the LAN or the WAN, also check on the rules you have an internal network that allows these connections, but also you can create a service icmp for access ping.

[phototoy_co]

you want this to be done on the LAN or the WAN, also check on the rules you have an internal network that allows these connections, but also you can create a service icmp for access ping.

I want this to be done on LAN side. What do you mean service ICMP? I tried pinging 10.37.2.17 and i got reply. What is weird is that i can telnet via putty on 10.37.2.16 and other IPs

[phototoy_co]

Seems the world does not care...

[Lonniebiz]

Sorry, I find ambiguity in the description of your problem.

Are you trying to telnet to an ip that is on your Zentyal server, or are you trying to telnet from your Zentyal server to another IP (served by a completely different server)?

If it is the Zentyal server (that you've upgraded) that you cannot access via telnet, can you access it via ssh? I've read that it isn't secure to access via Telnet (because the communication is not encrypted), and most likely Zentyal blocks such connections (with the firewall) by default.

The firewall is also capable of blocking outbound traffic. So, either way, I'd check your settings at:
Zentyal Web Interface > Firewall > Packet Filter

[phototoy_co]

Sorry, I find ambiguity in the description of your problem.

Are you trying to telnet to an ip that is on your Zentyal server, or are you trying to telnet from your Zentyal server to another IP (served by a completely different server)?

If it is the Zentyal server (that you've upgraded) that you cannot access via telnet, can you access it via ssh? I've read that it isn't secure to access via Telnet (because the communication is not encrypted), and most likely Zentyal blocks such connections (with the firewall) by default.

The firewall is also capable of blocking outbound traffic. So, either way, I'd check your settings at:
Zentyal Web Interface > Firewall > Packet Filter

I'm trying to access 10.37.2.17 on LAN. I used putty in connecting but still it does not work. I tried to putty on 10.37.2.16 and it work. Firewall settings are in always "ALLOWED"

[BrettonWoods]

Your going to have to put some description of your network.

Nics Ip Address and subnets with netmasks.

In the firewall list your ports.

[Lonniebiz]

I'm trying to access 10.37.2.17 on LAN.

Are both 10.37.2.17 and 10.37.2.16 served by the Zentyal server that you've upgraded?

When you say "on LAN" it is ambiguous to me because both your Zentyal-server (you've upgraded) and other servers (that also serve telnet) can be located on your LAN.

Is the Zentyal server (you've upgraded) the source or the destination while you are trying these telnet connections? If it is the destination, then either the service isn't listening on that IP and port, or your firewall is blocking it from hearing packets destined to that ip and port.

So you'll either have to modify the configuration of the listening service or the firewall it seems.

[christian]

Seems the world does not care...

As written on the other post,    do not cross-post please and provide more technical background about your network and settings if you expect some help.
Keep also in mind that this is a forum, not help-desk with people "on duty". At 5:00am CET, quite a lot of Zentyal users is still sleeping 

[phototoy_co]

Seems the world does not care...

As written on the other post,    do not cross-post please and provide more technical background about your network and settings if you expect some help.
Keep also in mind that this is a forum, not help-desk with people "on duty". At 5:00am CET, quite a lot of Zentyal users is still sleeping 

I understand your rant. If that is an issue to you then this will be the last time asking help from this forum. I guess i maybe wrong deploying 33 Zentyal server via lanner. Its not that since you know everything in Zentyal it will make you bossy or GOD. Delete my account or banned me here, its just my 2 cents.

[christian]

I'm not ranting but suggesting that you do not cross-post and provide more technical details so that one can help.
Then, I not moderating it so it's up to you.
My point is that with multiple posts describing same issue, reader lose background. Then, again, it's up to you.

Let me put it into some perspective so that you understand better my point, this may help you:

- you start posting: "I want to migrate using copy/paste" and when I ask about more detail because it looked somewhat strange to me, you almost didn't provide any but ended with "solved but now I've another issue"
Regarding this issue, there is not technical detail neither + another post describing same problem. Posting at 3:00am CET, you come back 2 hours later wondering why there is no answer at 5:00CET 

I'm prone to help if I can but what can I do with so few inputs?
As I assume it will be the same for other forum members, I suggest you try another approach. No rant here, trust me 

[phototoy_co]

I'm trying to access 10.37.2.17 on LAN.

Are both 10.37.2.17 and 10.37.2.16 served by the Zentyal server that you've upgraded?

When you say "on LAN" it is ambiguous to me because both your Zentyal-server (you've upgraded) and other servers (that also serve telnet) can be located on your LAN.

Is the Zentyal server (you've upgraded) the source or the destination while you are trying these telnet connections? If it is the destination, then either the service isn't listening on that IP and port, or your firewall is blocking it from hearing packets destined to that ip and port.

So you'll either have to modify the configuration of the listening service or the firewall it seems.

Ok, here are the details:

[phototoy_co]

The 1st Zentyal is doing the "Policy stuff" like HTTP proxy, VPN server
The 2nd Zentyal is doing the "Routing" static routing

[christian]

much clearer, thank you, although I still try to figure how routing works in your implementation.
Let me "rephrase" it, just to be sure:
- from internet, you've 2 ISP each been connected to front-end Zentyal with 2 external interfaces and one internal linked to another Zentyal with some interfaces (I can't really figure out how many). On one of these interfaces, you connect your clients spread among different subnets (as there is not netmask, I can't really be accurate).
- although this might not be critical, I wonder if you have different interfaces for each subnet of if you have set up virtual IPs on same NIC

- what would help further is that you clarify from where to where is your telnet command failing/working

[phototoy_co]

much clearer, thank you, although I still try to figure how routing works in your implementation.
Let me "rephrase" it, just to be sure:
- from internet, you've 2 ISP each been connected to front-end Zentyal with 2 external interfaces and one internal linked to another Zentyal with some interfaces (I can't really figure out how many). On one of these interfaces, you connect your clients spread among different subnets (as there is not netmask, I can't really be accurate).
- although this might not be critical, I wonder if you have different interfaces for each subnet of if you have set up virtual IPs on same NIC

- what would help further is that you clarify from where to where is your telnet command failing/working

Yes you are correct.