Why only part of ports on my machine can be reached from external ip? Announcing the arrival...

How can I make names more distinctive without making them longer?

How to align text above triangle figure

What would be the ideal power source for a cybernetic eye?

How widely used is the term Treppenwitz? Is it something that most Germans know?

In predicate logic, does existential quantification (∃) include universal quantification (∀), i.e. can 'some' imply 'all'?

What is the logic behind the Maharil's explanation of why we don't say שעשה ניסים on Pesach?

Why did the Falcon Heavy center core fall off the ASDS OCISLY barge?

51k Euros annually for a family of 4 in Berlin: Is it enough?

Error "illegal generic type for instanceof" when using local classes

Can a non-EU citizen traveling with me come with me through the EU passport line?

What's the purpose of writing one's academic biography in the third person?

Why are Kinder Surprise Eggs illegal in the USA?

Why is my conclusion inconsistent with the van't Hoff equation?

What causes the vertical darker bands in my photo?

What's the meaning of 間時肆拾貳 at a car parking sign

What does "fit" mean in this sentence?

Is the Standard Deduction better than Itemized when both are the same amount?

How do pianists reach extremely loud dynamics?

How to bypass password on Windows XP account?

How come Sam didn't become Lord of Horn Hill?

Bete Noir -- no dairy

Fundamental Solution of the Pell Equation

The logistics of corpse disposal

2001: A Space Odyssey's use of the song "Daisy Bell" (Bicycle Built for Two); life imitates art or vice-versa?



Why only part of ports on my machine can be reached from external ip?



Announcing the arrival of Valued Associate #679: Cesar Manara
Planned maintenance scheduled April 17/18, 2019 at 00:00UTC (8:00pm US/Eastern)Host-only openSUSE VMWare Player guest not pingable from Windows 7 hostCannot connect SSH from external IPsetting up an ssh server behind a routerOpening a port on CentOS server not working externally?telnet port 23 connection failed window 7Why can't I make a SSH over HTTPS tunnel to my home server?How to make a service to use a specific IP and its ports? To run multiple servers on same machine with multiple IPs; dedicated IP for each serviceForwarding External Ports to specific internal machines depending on the service typeHow do I port forward from adapter to localhost, changing portsSSH to a container from an external machine





.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ height:90px;width:728px;box-sizing:border-box;
}







1















I'm trying to achieve my remote service with port 5601. But unfortunately i can't open the website.



Here is something i tried to find out why it's not working:

I logged in remote server and tried "telnet localhost 5601" and "telnet 192.168.x.x 5601", it works fine.

But "telnet 114.116.x.x 5601" failed.



The remote server i use is a cloud server and i can reach it using ssh. And i also checked some of my docker service with port (10450, 10460...), the result is they can be reached using external ip.
SO maybe the problem is on 5601 service. And then i write a little helloworld web program with listening host "0.0.0.0:2700" to find out. turns out it cannot be reached from external ip neither.



So is there something wrong with my service or my network? If there is, how can i fix it? Really appreciated.



os: centos7

firewall: off

network: ok



tcp        0      0 0.0.0.0:2700            0.0.0.0:*               LISTEN      6438/python    
tcp 0 0 0.0.0.0:5601 0.0.0.0:* LISTEN 6121/./bin/../node/
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1403/sshd
tcp6 0 0 :::443 :::* LISTEN 18807/docker-pro
tcp6 0 0 :::10460 :::* LISTEN 3966/docker-proxy-c
tcp6 0 0 :::10430 :::* LISTEN 4552/docker-proxy-c

telnet 114.116.X.X 10450
Trying 114.116.X.X...
Connected to 114.116.X.X.
Escape character is '^]'.

telnet 114.116.X.X 5601
Trying 114.116.X.X...


just won't work for 5601 and 2700.










share|improve this question









New contributor




J.ben is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
















  • 1





    Is the IP address attached to a router, or directly to this machine? (i.e. does it show up in ip addr of this machine or not?)

    – grawity
    18 hours ago













  • @grawity Hi, the IP address (114.116.x.x) does not show up in ip addr, the remote machine is a cloud server like AWS. so i think it's attached to a router?

    – J.ben
    17 hours ago













  • @grawity Hi again, since you mentioned router, i went to the manager and talked about this. He told me yes that he restricts all the ports exposed from the cloud server regardless of my firewalls off. After he opened those ports for me, i think this problem will be sovled. So thank you for your advice and the editing and the encouraging reputation, it helps a lot. Would you like to fill the answer so i can accept it?

    – J.ben
    15 hours ago




















1















I'm trying to achieve my remote service with port 5601. But unfortunately i can't open the website.



Here is something i tried to find out why it's not working:

I logged in remote server and tried "telnet localhost 5601" and "telnet 192.168.x.x 5601", it works fine.

But "telnet 114.116.x.x 5601" failed.



The remote server i use is a cloud server and i can reach it using ssh. And i also checked some of my docker service with port (10450, 10460...), the result is they can be reached using external ip.
SO maybe the problem is on 5601 service. And then i write a little helloworld web program with listening host "0.0.0.0:2700" to find out. turns out it cannot be reached from external ip neither.



So is there something wrong with my service or my network? If there is, how can i fix it? Really appreciated.



os: centos7

firewall: off

network: ok



tcp        0      0 0.0.0.0:2700            0.0.0.0:*               LISTEN      6438/python    
tcp 0 0 0.0.0.0:5601 0.0.0.0:* LISTEN 6121/./bin/../node/
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1403/sshd
tcp6 0 0 :::443 :::* LISTEN 18807/docker-pro
tcp6 0 0 :::10460 :::* LISTEN 3966/docker-proxy-c
tcp6 0 0 :::10430 :::* LISTEN 4552/docker-proxy-c

telnet 114.116.X.X 10450
Trying 114.116.X.X...
Connected to 114.116.X.X.
Escape character is '^]'.

telnet 114.116.X.X 5601
Trying 114.116.X.X...


just won't work for 5601 and 2700.










share|improve this question









New contributor




J.ben is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
















  • 1





    Is the IP address attached to a router, or directly to this machine? (i.e. does it show up in ip addr of this machine or not?)

    – grawity
    18 hours ago













  • @grawity Hi, the IP address (114.116.x.x) does not show up in ip addr, the remote machine is a cloud server like AWS. so i think it's attached to a router?

    – J.ben
    17 hours ago













  • @grawity Hi again, since you mentioned router, i went to the manager and talked about this. He told me yes that he restricts all the ports exposed from the cloud server regardless of my firewalls off. After he opened those ports for me, i think this problem will be sovled. So thank you for your advice and the editing and the encouraging reputation, it helps a lot. Would you like to fill the answer so i can accept it?

    – J.ben
    15 hours ago
















1












1








1








I'm trying to achieve my remote service with port 5601. But unfortunately i can't open the website.



Here is something i tried to find out why it's not working:

I logged in remote server and tried "telnet localhost 5601" and "telnet 192.168.x.x 5601", it works fine.

But "telnet 114.116.x.x 5601" failed.



The remote server i use is a cloud server and i can reach it using ssh. And i also checked some of my docker service with port (10450, 10460...), the result is they can be reached using external ip.
SO maybe the problem is on 5601 service. And then i write a little helloworld web program with listening host "0.0.0.0:2700" to find out. turns out it cannot be reached from external ip neither.



So is there something wrong with my service or my network? If there is, how can i fix it? Really appreciated.



os: centos7

firewall: off

network: ok



tcp        0      0 0.0.0.0:2700            0.0.0.0:*               LISTEN      6438/python    
tcp 0 0 0.0.0.0:5601 0.0.0.0:* LISTEN 6121/./bin/../node/
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1403/sshd
tcp6 0 0 :::443 :::* LISTEN 18807/docker-pro
tcp6 0 0 :::10460 :::* LISTEN 3966/docker-proxy-c
tcp6 0 0 :::10430 :::* LISTEN 4552/docker-proxy-c

telnet 114.116.X.X 10450
Trying 114.116.X.X...
Connected to 114.116.X.X.
Escape character is '^]'.

telnet 114.116.X.X 5601
Trying 114.116.X.X...


just won't work for 5601 and 2700.










share|improve this question









New contributor




J.ben is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.












I'm trying to achieve my remote service with port 5601. But unfortunately i can't open the website.



Here is something i tried to find out why it's not working:

I logged in remote server and tried "telnet localhost 5601" and "telnet 192.168.x.x 5601", it works fine.

But "telnet 114.116.x.x 5601" failed.



The remote server i use is a cloud server and i can reach it using ssh. And i also checked some of my docker service with port (10450, 10460...), the result is they can be reached using external ip.
SO maybe the problem is on 5601 service. And then i write a little helloworld web program with listening host "0.0.0.0:2700" to find out. turns out it cannot be reached from external ip neither.



So is there something wrong with my service or my network? If there is, how can i fix it? Really appreciated.



os: centos7

firewall: off

network: ok



tcp        0      0 0.0.0.0:2700            0.0.0.0:*               LISTEN      6438/python    
tcp 0 0 0.0.0.0:5601 0.0.0.0:* LISTEN 6121/./bin/../node/
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1403/sshd
tcp6 0 0 :::443 :::* LISTEN 18807/docker-pro
tcp6 0 0 :::10460 :::* LISTEN 3966/docker-proxy-c
tcp6 0 0 :::10430 :::* LISTEN 4552/docker-proxy-c

telnet 114.116.X.X 10450
Trying 114.116.X.X...
Connected to 114.116.X.X.
Escape character is '^]'.

telnet 114.116.X.X 5601
Trying 114.116.X.X...


just won't work for 5601 and 2700.







networking telnet netstat






share|improve this question









New contributor




J.ben is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











share|improve this question









New contributor




J.ben is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









share|improve this question




share|improve this question








edited 18 hours ago









grawity

244k37515576




244k37515576






New contributor




J.ben is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









asked 18 hours ago









J.benJ.ben

84




84




New contributor




J.ben is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





New contributor





J.ben is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.






J.ben is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.








  • 1





    Is the IP address attached to a router, or directly to this machine? (i.e. does it show up in ip addr of this machine or not?)

    – grawity
    18 hours ago













  • @grawity Hi, the IP address (114.116.x.x) does not show up in ip addr, the remote machine is a cloud server like AWS. so i think it's attached to a router?

    – J.ben
    17 hours ago













  • @grawity Hi again, since you mentioned router, i went to the manager and talked about this. He told me yes that he restricts all the ports exposed from the cloud server regardless of my firewalls off. After he opened those ports for me, i think this problem will be sovled. So thank you for your advice and the editing and the encouraging reputation, it helps a lot. Would you like to fill the answer so i can accept it?

    – J.ben
    15 hours ago
















  • 1





    Is the IP address attached to a router, or directly to this machine? (i.e. does it show up in ip addr of this machine or not?)

    – grawity
    18 hours ago













  • @grawity Hi, the IP address (114.116.x.x) does not show up in ip addr, the remote machine is a cloud server like AWS. so i think it's attached to a router?

    – J.ben
    17 hours ago













  • @grawity Hi again, since you mentioned router, i went to the manager and talked about this. He told me yes that he restricts all the ports exposed from the cloud server regardless of my firewalls off. After he opened those ports for me, i think this problem will be sovled. So thank you for your advice and the editing and the encouraging reputation, it helps a lot. Would you like to fill the answer so i can accept it?

    – J.ben
    15 hours ago










1




1





Is the IP address attached to a router, or directly to this machine? (i.e. does it show up in ip addr of this machine or not?)

– grawity
18 hours ago







Is the IP address attached to a router, or directly to this machine? (i.e. does it show up in ip addr of this machine or not?)

– grawity
18 hours ago















@grawity Hi, the IP address (114.116.x.x) does not show up in ip addr, the remote machine is a cloud server like AWS. so i think it's attached to a router?

– J.ben
17 hours ago







@grawity Hi, the IP address (114.116.x.x) does not show up in ip addr, the remote machine is a cloud server like AWS. so i think it's attached to a router?

– J.ben
17 hours ago















@grawity Hi again, since you mentioned router, i went to the manager and talked about this. He told me yes that he restricts all the ports exposed from the cloud server regardless of my firewalls off. After he opened those ports for me, i think this problem will be sovled. So thank you for your advice and the editing and the encouraging reputation, it helps a lot. Would you like to fill the answer so i can accept it?

– J.ben
15 hours ago







@grawity Hi again, since you mentioned router, i went to the manager and talked about this. He told me yes that he restricts all the ports exposed from the cloud server regardless of my firewalls off. After he opened those ports for me, i think this problem will be sovled. So thank you for your advice and the editing and the encouraging reputation, it helps a lot. Would you like to fill the answer so i can accept it?

– J.ben
15 hours ago












1 Answer
1






active

oldest

votes


















1















the IP address (114.116.x.x) does not show up in ip addr,




Then it's not actually the machine's IP address – it belongs to some sort of NAT gateway. This means that telnet 114.116.x.x is not a simple loopback connection, but actually goes out to the network and is returned back by a router, which can have its own firewall and enforce packet filtering. (As you've eventually found out.)



(This might also indicate that the server is behind 1:many NAT (as in home LANs), in which case the blocking doesn't need to be deliberate, as the router doesn't even know which server is supposed to receive packets unless "port forwarding" rules are manually created.)






share|improve this answer
























    Your Answer








    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "3"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });






    J.ben is a new contributor. Be nice, and check out our Code of Conduct.










    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1425969%2fwhy-only-part-of-ports-on-my-machine-can-be-reached-from-external-ip%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    1















    the IP address (114.116.x.x) does not show up in ip addr,




    Then it's not actually the machine's IP address – it belongs to some sort of NAT gateway. This means that telnet 114.116.x.x is not a simple loopback connection, but actually goes out to the network and is returned back by a router, which can have its own firewall and enforce packet filtering. (As you've eventually found out.)



    (This might also indicate that the server is behind 1:many NAT (as in home LANs), in which case the blocking doesn't need to be deliberate, as the router doesn't even know which server is supposed to receive packets unless "port forwarding" rules are manually created.)






    share|improve this answer




























      1















      the IP address (114.116.x.x) does not show up in ip addr,




      Then it's not actually the machine's IP address – it belongs to some sort of NAT gateway. This means that telnet 114.116.x.x is not a simple loopback connection, but actually goes out to the network and is returned back by a router, which can have its own firewall and enforce packet filtering. (As you've eventually found out.)



      (This might also indicate that the server is behind 1:many NAT (as in home LANs), in which case the blocking doesn't need to be deliberate, as the router doesn't even know which server is supposed to receive packets unless "port forwarding" rules are manually created.)






      share|improve this answer


























        1












        1








        1








        the IP address (114.116.x.x) does not show up in ip addr,




        Then it's not actually the machine's IP address – it belongs to some sort of NAT gateway. This means that telnet 114.116.x.x is not a simple loopback connection, but actually goes out to the network and is returned back by a router, which can have its own firewall and enforce packet filtering. (As you've eventually found out.)



        (This might also indicate that the server is behind 1:many NAT (as in home LANs), in which case the blocking doesn't need to be deliberate, as the router doesn't even know which server is supposed to receive packets unless "port forwarding" rules are manually created.)






        share|improve this answer














        the IP address (114.116.x.x) does not show up in ip addr,




        Then it's not actually the machine's IP address – it belongs to some sort of NAT gateway. This means that telnet 114.116.x.x is not a simple loopback connection, but actually goes out to the network and is returned back by a router, which can have its own firewall and enforce packet filtering. (As you've eventually found out.)



        (This might also indicate that the server is behind 1:many NAT (as in home LANs), in which case the blocking doesn't need to be deliberate, as the router doesn't even know which server is supposed to receive packets unless "port forwarding" rules are manually created.)







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered 15 hours ago









        grawitygrawity

        244k37515576




        244k37515576






















            J.ben is a new contributor. Be nice, and check out our Code of Conduct.










            draft saved

            draft discarded


















            J.ben is a new contributor. Be nice, and check out our Code of Conduct.













            J.ben is a new contributor. Be nice, and check out our Code of Conduct.












            J.ben is a new contributor. Be nice, and check out our Code of Conduct.
















            Thanks for contributing an answer to Super User!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1425969%2fwhy-only-part-of-ports-on-my-machine-can-be-reached-from-external-ip%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            Popular posts from this blog

            Why not use the yoke to control yaw, as well as pitch and roll? Announcing the arrival of...

            Couldn't open a raw socket. Error: Permission denied (13) (nmap)Is it possible to run networking commands...

            VNC viewer RFB protocol error: bad desktop size 0x0I Cannot Type the Key 'd' (lowercase) in VNC Viewer...