Problem with SMTP and SSH protocols

R

ros_b

Senior Member
Joined
Jul 26, 2010
Messages
713
OK, I'm no Internet tecchie so I may explain this all wrong, but I have been experiencing a problem where I seem to be happily connected to the Internet (web browsing and Skype are working) but I am unable to fetch email from my mail client. Sometimes it works, other times not.

Then the other day I had to connect to a remote machine via SSH (using a program called Putty) and it wouldn't work. I had tested it the night before and it worked fine - I got the connection to the remote machine, logged on and was able to do what I needed to do. Then the next day - I got the connection to the remote machine, but after putting in my login name and password, it just hung. I noticed that I was also unable to send email. But everything else seemed to be working - web browsing, Skype, irc. And when I popped a Cell C sim into my modem, everything worked perfectly.

So the way I understand it, it seems that at certain times, 8ta is unhappy with certain Internet protocols - SMTP and SSH. Does this make any sense? Has anyone else experienced something similar? Any suggestions as to how to rectify?

I'm running Windows 7 on a Lenovo laptop.

Thanks,
Ros.
 
w1z4rd

w1z4rd

Karmic Sangoma
Joined
Jan 17, 2005
Messages
49,747
I can ssh fine on 8ta.

Telkom dns sucks, try setting 8.8.8.8 and 8.8.4.4 are your DNS servers.
 
F

freematrix

Senior Member
Joined
Mar 7, 2007
Messages
820
DNS might be an issue if you are going to the host name. Otherwise do a Telnet to test first to the IP on the ports and see if you at least get a connect.
telnet x.x.x.x 22 or x.x.x 25. If you are not getting a connect, check your PC, stop your Anti Virus.
 
R

ros_b

Senior Member
Joined
Jul 26, 2010
Messages
713
I don't really understand about DNS... but the thing is, I don't change anything on my side. Like this morning... SMTP and SSH wouldn't work. So I disconnected, immediately reconnected, tested SMTP.... it worked. Then did the telnet... and got in no problem. So definitely when SMTP doesn't work, then SSH doesn't work; and if SMTP does work, then SSH also works.

Are you saying that I would be connecting to a different Telkom DNS during different sessions, and that is what determines whether SMTP/SSH work or not? The Telkom DNS that I happen to be using?

I should say that I was given the IP of the remote machine and I tried that rather than the host name, and I got the same problem.
 
Last edited:
w1z4rd

w1z4rd

Karmic Sangoma
Joined
Jan 17, 2005
Messages
49,747
ros_b said:
I don't really understand about DNS... but the things is, I don't change anything on my side. Like this morning... SMTP and SSH wouldn't work. So I disconnected, immediately reconnected, tested SMTP.... it worked. Then did the telnet... and got in no problem. so definitely when SMTP doesn't work, then SSH doesn't work; and if SMTP does work, then SSH also works.

Are you saying that I would be connecting to a different Telkom DNS during different sessions, and that is what determines whether SMTP/SSH work or not? The Telkom DNS that I happen to be using?
Click to expand...
Telkoms DNS servers suck. I never use them.
 
E

elf_lord_ZC5

Honorary Master
Joined
Jan 3, 2010
Messages
12,213
What he is saying is that Telkom/8ta DNS servers are not reliable, some days, I cannot even reach 8ta's own web pages, change the DNS servers used, and BINGO, everthing works ...

Holding both thumbs, hasn't happened in 4 days, and I did complain, but ja, who knows ...
 
Last edited:
H

hartz

Active Member
Joined
Mar 29, 2006
Messages
68
Is anybody else suddenly unable to connect via SSH?

I have a problem connecting to SSH on my server using my Telkom LTE router.

THIS IS DEFINITELY NOT A DNS PROBLEM.

The connection times out, even when using the IP address. traceroute, web access, etc all works fine. When connecting via something else (Eg sharing connection from my Vodacom cell phone) then the connection works fine.
 
S

SKL_H

Active Member
Joined
Apr 5, 2012
Messages
70
In most cases it may be coused by the firewall especially those "internet security" ones their firewall filteres packets which results in the packets not reaching their destination...
 
H

hartz

Active Member
Joined
Mar 29, 2006
Messages
68
Solution found

Turns out this is in fact the security built into the LTE router. I've solved the problem by adding a "whitelist" entry to allow SSH outbound.

The default for the router in HIGH security mode is to allow only a hand-full of protocols, even on outbound. The rule description reads as follow:
SPI(Stateful Packet Inspection)is enable.
Inbound(from internet to intranet)Policy: Dropped.
Remote authorized access will override the inbound policy.
Outbound(from intranet to internet)Policy: Dropped.
The access is allowed to the following services: DHCP, DNS, HTTP, HTTPS
IMAP, POP3, SMTP, FTP, SFTP,TELNET,ICMP.

There are two possible ways to work around this issue: Either add a white-list entry for outbound SSH traffic, or switch to MEDIUM security which is identical to HIGH except that it doesn't block anything on OUTBOUND connections. I tested both solutions. Here are some screen-shots of the solution using HIGH security and the IP rule for SSH on the router management interface.

Firewall-High-Sec-mode-option.jpg

IP-filter-for-HIGH.jpg

It is beyond me how come SFTP is allowed but not SSH, and even POP3 and TELNET is allowed by default while SSH is not. I suppose those decisions were made by the same people who wrote and checked the spelling/grammar in the user interface.
 
You must log in or register to reply here.
Top