I am able to access my website but unable to ping or SSH .

April 6, 2017 4.4k views
Ubuntu LEMP
puia
By:
puia

I am able to access my website but am unable to ping nor am I able to SSH.
I have always been able to SSH successfully until about 2 weeks back. Now I need to use to cloud console but I am unable to SSH.

I have restarted my droplet but to no avail.

I also have another droplet which I am able to SSH to successfully - so the problem is not in my local environment.

Sign In to Comment
4 Answers
puia April 12, 2017

@hansen Thanks …… I increased the RAM on the droplet to 4GB from 2GB, due to an unrelated reason, and now I am able to SSH !!! I have no idea why ???

Report
hansen April 6, 2017

Hi @puia

It sounds like the firewall has become enabled and maybe a bit too blocking.

Can you disable the firewall.

sudo ufw disable

If you still need the firewall, we will make a setup again.

Report
puia April 7, 2017

@hansen I have disabled the firewall .. its still not working…

Report
  • hansen April 7, 2017

    @puia
    If you run this command, what does it show?

    sudo iptables -L

    And does a status of sshd say it’s active (running)?

    sudo systemctl status sshd
    Report
puia April 12, 2017

@hansen Thanks anyways .. still cannot ping though.. :)

Report
  • hansen April 12, 2017

    @puia Then you still have a firewall blocking ICMP. Run the following command to list all firewall rules:

    sudo iptables -L
    Report
    • puia April 13, 2017

      Chain INPUT (policy ACCEPT)
      target prot opt source destination

      ACCEPT all – anywhere anywhere

      ACCEPT all – anywhere anywhere ctstate RELATED,ESTABLISHED
      ACCEPT tcp – anywhere anywhere tcp dpt:222
      ACCEPT tcp – anywhere anywhere tcp dpt:http
      ACCEPT tcp – anywhere anywhere tcp dpt:https
      DROP icmp – anywhere anywhere icmp timestamp-request
      DROP all – anywhere anywhere

      Chain FORWARD (policy ACCEPT)
      target prot opt source destination

      Chain OUTPUT (policy ACCEPT)
      target prot opt source destination

      DROP icmp – anywhere anywhere icmp timestamp-reply

      Report
      • hansen April 13, 2017

        @puia

        You have specifically blocked ICMP pings with the two DROP icmp ...
        Remove those and you will need to add something like this too:

        iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
        Report
Have another answer? Share your knowledge.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Related