Question

I am able to access my website but unable to ping or SSH .

Posted April 6, 2017 4.5k views
UbuntuLEMP

I am able to access my website but am unable to ping nor am I able to SSH.
I have always been able to SSH successfully until about 2 weeks back. Now I need to use to cloud console but I am unable to SSH.

I have restarted my droplet but to no avail.

I also have another droplet which I am able to SSH to successfully - so the problem is not in my local environment.

Add a comment
puia
By:
puia
Add a comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
4 answers
puia April 12, 2017

@hansen Thanks …… I increased the RAM on the droplet to 4GB from 2GB, due to an unrelated reason, and now I am able to SSH !!! I have no idea why ???

Reply Report
hansen April 6, 2017

Hi @puia

It sounds like the firewall has become enabled and maybe a bit too blocking.

Can you disable the firewall.

sudo ufw disable

If you still need the firewall, we will make a setup again.

Reply Report
puia April 7, 2017

@hansen I have disabled the firewall .. its still not working…

Reply Report
  • hansen April 7, 2017

    @puia
    If you run this command, what does it show?

    sudo iptables -L

    And does a status of sshd say it’s active (running)?

    sudo systemctl status sshd
    Reply Report
puia April 12, 2017

@hansen Thanks anyways .. still cannot ping though.. :)

Reply Report
  • hansen April 12, 2017

    @puia Then you still have a firewall blocking ICMP. Run the following command to list all firewall rules:

    sudo iptables -L
    Reply Report
    • puia April 13, 2017

      Chain INPUT (policy ACCEPT)
      target prot opt source destination

      ACCEPT all – anywhere anywhere

      ACCEPT all – anywhere anywhere ctstate RELATED,ESTABLISHED
      ACCEPT tcp – anywhere anywhere tcp dpt:222
      ACCEPT tcp – anywhere anywhere tcp dpt:http
      ACCEPT tcp – anywhere anywhere tcp dpt:https
      DROP icmp – anywhere anywhere icmp timestamp-request
      DROP all – anywhere anywhere

      Chain FORWARD (policy ACCEPT)
      target prot opt source destination

      Chain OUTPUT (policy ACCEPT)
      target prot opt source destination

      DROP icmp – anywhere anywhere icmp timestamp-reply

      Reply Report
      • hansen April 13, 2017

        @puia

        You have specifically blocked ICMP pings with the two DROP icmp ...
        Remove those and you will need to add something like this too:

        iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
        Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help