Can't externally ping my server

Question

I set up an a Ubuntu Server with LAMP and am trying to access it externally.

What I did:

I set up an account at no-ip.com following this article

I gave the server a local static ip of 192.168.1.127 and forwarded the port 80 and 22 (both externally and locally) to that ip adress. I also forwarded port 50005 external to port 80 internal.

I found my external ip via Portcheckers. To my understanding, the external ip is the same for all computers and routers on my network.

The problem

I check ports 80, 22 and 50005 with portcheckers and all of them (along with all other major ports) were said to be unavailable.

I also tried to ping my server's external ip from portcheckers and got Ping Failed: TimedOut I tried pinging the ip address from the terminal, but it froze after PING myhost.no-ip.org (66.XXX.XXX.XX) 56(84) bytes of data. When I tried to connect to the sever though my browser I got the Oops! Google Chrome could not connect to... message.

Info

I can connect to my server locally(192.168.1.127) through ssh, sftp, and http.

I have a Linksys E320 router, and I disabled the firewall.

Please let me know if I need to provide my external ip. Thanks for the help.

EDIT

I modified /etc/apache2/ports.conf to listen to port 50005 instead of 80 by replacing Listen 80 with listen 50005

You should generally never disable your firewall. First get pings and such to work using IP address, then figure out DNS issues. Be sure you are checking your public IP address using a source outside of the local network (portcheckers is fine). Set up port forwarding on an unused port (e.g. 63242) and set up the web server to serve on that port, then test. It's possible your ISP blocks inbound traffic on popular ports. Also, check if [UFW](https://help.ubuntu.com/12.04/serverguide/firewall.html) is running and what ports it is blocking with `sudo ufw status`. — Paul, Jul 07 '14 at 00:36
Have you tried using the No-IP update tool? From memory they refer to it as DUC. — Michael Frank, Jul 07 '14 at 04:23
@MichaelFrank I thought the update tools were only used if the server has a dynamic local ip address — TAAPSogeking, Jul 07 '14 at 04:33
@Paul I only disabled the firewall to troubleshoot. Relatedly, ufw is disabled. Do you have any suggestions as to how I could get pings and such to work using IP address? All the ports I scanned were unavailable and a port 80 redirect failed. I would assume that my main problem is that I can't externally ping my ip address — TAAPSogeking, Jul 07 '14 at 04:39
@TAAPSogeking No, the tool is designed to keep your domain name in sync with your dynamically changing external IP. — Michael Frank, Jul 07 '14 at 04:41
@Michael Thank you for correcting me; I successfully installed the [duc](https://www.noip.com/download?page=linux). However, my external ip has not changed since I set up my account, so I do not believe it is relevant to my problem — TAAPSogeking, Jul 07 '14 at 05:25
Ubuntu responds to services that are configured, so if you only have SSH and Apache configured on ports 22 and 80, then those are the only ports Ubuntu will respond to. IOW, if the only ports you have configured are the popular ports and your ISP is blocking inbound traffic on those ports, then it will appears as if your server is not responding. However, we don't know this is the case until you can get some kind of response on any port from a public IP address. It would be best to configure a service to respond on an unused port, as previously recommended. — Paul, Jul 07 '14 at 05:34
@Paul Ok I have Apache listening to port 50005; I still can't ping my external ip address — TAAPSogeking, Jul 07 '14 at 16:25
You won't be able to ping your external address if your modem/router isn't set to reply to the request... in your modem/router settings do you have anything that says not to reply to ping/ICMP requets? — Kinnectus, Jul 07 '14 at 16:27
@BigChris Yes, I have an internet filter and a firewall on my router, but they have been diabled — TAAPSogeking, Jul 07 '14 at 16:31
1) Log in to your router web interface 2) Click "Security." 3) Click to uncheck "Filter anonymous Internet requests." 4) Click "Save Settings" 5) restart your router for good measure 6) use your portchecker/external site to ping your public IP. — Kinnectus, Jul 07 '14 at 16:39
@BigChris I tried that again, but I still got the `Ping Failed: TimedOut` message — TAAPSogeking, Jul 07 '14 at 17:01
I see that you're using an E3200 (a router).. Have you forwarded all traffic from your MODEM? Your modem is probably the cause of all this... You need to either forward the ports on your modem to your router, or set your modem to give your public IP to your E3200 (or put it in the DMZ). — Kinnectus, Jul 07 '14 at 17:21
Does your setup look like this: modem -> E3200 -> server... http://www.tp-link.us/resources/images/faq/200935194152746.jpg — Kinnectus, Jul 07 '14 at 17:23
Is the WAN IP address reported by your E3200 also your public IP address? If so, then there isn't any need to do any port forwarding in your modem. Yes, I forgot to mention that you need to set up port forwarding on the unused port (50005) to your server. If that fails, try putting your E3200 behind some other routing device and attempt to ping through the firewall to your server. If that fails, and all settings on the E3200 appear correct, contact your ISP and ask them about inbound port policies. Also ask if they have some sort of security in place that might also affect such traffic. — Paul, Jul 07 '14 at 18:15
@BigChris I believe my modem is built in to my router because I don't see an external modem connected to my router. How would I forward all traffic from your MODEM? I don't know how to access my modem's settings — TAAPSogeking, Jul 07 '14 at 18:39
@BigChris My fault; I do have an external modem connected to the "Internet" port on my router. I missed it before because it looked like an adapter. — TAAPSogeking, Jul 07 '14 at 21:19
You may want to look at either giving your E3200 the public IP from your modem or putting it into the modem DMZ - it may only have the public IP option if it's only a modem. Read its manual or look up how to configure it :) — Kinnectus, Jul 07 '14 at 21:46

Funny Geeks · Answer 1 · 2022-01-26T11:57:26.887

WHY I AM WRONG

I say that the reason you can't ping is: the router never forwards the echo request to your server, but that doesn't explain why the router itself doesn't reply to the echo request. On my home network, I can ping my router directly (192.168.1.254), so why is it that when I try to ping it externally it doesn't work?

My best guess

I'm still learning this, so this info may not be accurate. I largely got my answer from https://community.spiceworks.com/topic/85353-forward-pings-from-the-router-to-the-server-behind-it

You're inability to ping isn't really your fault, but really the fault of the limited design of IPv4. I'm assuming your router has a designated IP address, and you have it set up to forward the ports 80, 22, and 50005 to some computer of your choosing; This is your router using Port Address Translation (PAT), which is a particular type of Network Address Translation (NAT).

When you ping a server, ping transmits an Internet Control Message Protocol (ICMP) Echo Request message and waits for a return message.

The problem is that ICMP is so low level that it doesn't have ports. So your router is not forwarding the ICMP echo requests to your server, because your router is only forwarding ports, hence no ping.

Instead of using ping to check if your server is up and running, you might be able to do a workaround with telnet 25. I haven't set that up on my server yet so I'm not sure how to do that.

I got it to work? Instead of doing port forwarding, I went to Firewall > IP Passthrough, and I changed my allocation mode from "Passthrough" to "Default Server", and I set the default server as the internal IP that my laptop server is using (192.168.1.99).

Now ping works. I'm honestly not sure if my situation is anything like your situation, so I hope to get a reply from you soon.

Can't externally ping my server

1 Answers1