2

I have a CentOS 7 minimal installation on a virtual machine with the internal IP of 10.1.10.131 and I installed Apache 2.4.52 on it. I can access the landing page when I put 10.1.10.131 into the browser. However, when I use the external IP address or the domain associated with it, I get a timeout error. There are no errors being recorded in the Apache logs, which leads me to believe the requests aren't reaching Apache.

In my opinion this means there is an issue with something outside of the CentOS and Apache install causing the issue, due to the fact I can access the landing page using the internal IP address. However, I can't figure out what that issue is.

I have port forwarding on my router set up to send requests on ports 80, 8080 and 443 to 10.1.10.131. I have firewalld disabled and I have iptables installed and enabled instead. Here are my iptables rules (these rules don't trigger any errors or warnings and used to work on CentOS 6.5):

/etc/sysconfig/iptables

*filter
:INPUT ACCEPT [65:25952]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [62:23642]

# allow loopback
-A INPUT -i lo -j ACCEPT

# allow connections that originate from server
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

# icmp rules
#-A INPUT -p icmp --icmp-type any -j ACCEPT
-A INPUT -p icmp --icmp-type echo-request -m limit --limit 20/s --limit-burst 5 -j ACCEPT
#-A INPUT -p icmp -m icmp --icmp-type echo-request -j ACCEPT

# allow internal access to SSH/SFTP and MySQL ports
-A INPUT -s 10.1/16 -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -p tcp --dport 22 -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp --dport 22 -m state --state NEW -m limit --limit 3/hour --limit-burst 3 -j ACCEPT
-A INPUT -p tcp --dport 22 -j DROP
-A INPUT -s 10.1/16 -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT
-A INPUT -p tcp --dport 3306 -j DROP

# allow external access to Apache ports
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT

# misc rules
-A OUTPUT -p tcp -m multiport --dports 6660,6661,6662,6663,6664,6665,6666,6667,7000 -j REJECT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited

COMMIT

I am stumped and would greatly appreciate any feedback or help. I'm willing to provide more information if needed.

EDIT 1: I have a business internet line and a static IP address.

EDIT 2: Could this possibly have something to do with the virtual machine? I'm using Oracle VirtualBox and have the network adapter set as a Bridged Adapter.

Here is the CentOS network setup

/etc/sysconfig/network-scripts/ifcfg-enp0s3

TYPE=Ethernet
PROXY_METHOD=none
BOOTPROTO=none
DEFROUTE=yes
IPV4_FAILURE_FATAL=yes
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=enp0s3
UUID=...
DEVICE=enp0s3
ONBOOT=yes
IPADDR=10.1.10.131
PREFIX=24
GATEWAY=10.1.10.1
DNS1=...
DOMAIN=...
IPV6_PRIVACY=no

EDIT 3: I disabled iptables and still had the browser time out when using the external IP address, which probably means it's not the iptables...

0

1 Answer

1

It was not allowing me to connect to the external IP only from within the LAN. It allowed me to connect when using my phone's network, outside the LAN.

Issue resolved.

1
  • Please remember to accept this answer; if that is not yet possible, then please do so after 24 hours. Thank you.
    – djdomi
    Commented Apr 11 at 9:39
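
Added example (not part of the original question or answer): a first-match walk of the INPUT chain posted in the question, to check offline which rule decides a given new connection. The function names, the source address 203.0.113.10 (a documentation address) and the simplified matcher are assumptions; it only understands the match options used in the posted rules and treats `-m limit` as not exceeded.

```python
import ipaddress
import shlex

# Constructed sample: the INPUT rules posted in the question, in file order.
RULES = """\
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp --icmp-type echo-request -m limit --limit 20/s --limit-burst 5 -j ACCEPT
-A INPUT -s 10.1/16 -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -p tcp --dport 22 -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp --dport 22 -m state --state NEW -m limit --limit 3/hour --limit-burst 3 -j ACCEPT
-A INPUT -p tcp --dport 22 -j DROP
-A INPUT -s 10.1/16 -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT
-A INPUT -p tcp --dport 3306 -j DROP
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
"""

def network(spec):
    """Expand iptables shorthand such as 10.1/16 to 10.1.0.0/16."""
    addr, _, prefix = spec.partition("/")
    octets = (addr.split(".") + ["0"] * 4)[:4]
    return ipaddress.ip_network(".".join(octets) + "/" + (prefix or "32"), strict=False)

def parse(line):
    """Return the options of one -A rule as a dict (flag name -> value)."""
    tok = shlex.split(line)
    return {tok[i].lstrip("-"): tok[i + 1] for i in range(2, len(tok) - 1) if tok[i].startswith("-")}

def verdict(dport, src, state="NEW", iface="enp0s3", proto="tcp", rules=RULES):
    """First-match walk of INPUT; returns (rule number, target)."""
    for n, line in enumerate(rules.splitlines(), 1):
        r = parse(line)
        mismatch = (
            ("i" in r and r["i"] != iface)
            or ("p" in r and r["p"] != proto)
            or ("dport" in r and int(r["dport"]) != dport)
            or ("state" in r and state not in r["state"].split(","))
            or ("s" in r and ipaddress.ip_address(src) not in network(r["s"]))
        )
        if not mismatch:
            return n, r["j"]  # -m limit is treated as not exceeded (assumption)
    return 0, "ACCEPT"  # fell off the end: chain policy (:INPUT ACCEPT)

if __name__ == "__main__":
    for port in (80, 443, 8080):
        print(port, verdict(port, "203.0.113.10"))
```

New connections to ports 80 and 443 are accepted by rules 10 and 11, which agrees with EDIT 3; port 8080, which the router also forwards, falls through to the final REJECT.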
