locked
Unable to SSH using public IP address after changing system configuration RRS feed

  • Question

  • I have a custom Linux VM. I have attached it to a NIC interface which is in a particular VNET. Now i have enabled the SSH access and other things to that NICs NSG rules. On initial boot ie before applying some changes to the VM. I can SSH to that VM without any problem using the Public IP address allocated for that NIC. But after i changed some internal configuration inside the VM. I can notice that the public IP is not reachable. But the system has its internal IP intact. I can reach the same VM from its internal IP from another VM in the same VNET. But unable to SSH to the VM using its public IP. What might have gone wrong? 

    Using ASDK 1910.

    Thursday, March 19, 2020 10:45 AM

All replies

  • The OS really only sees the NIC. I would look into the NSG rules on the VM first, as well as any OS firewalls to make sure the traffic is allowed through. 
    Thursday, March 19, 2020 4:45 PM
  • NSG rules I have set the ports to listen to SSH(22 port) and also have set other inbound and outbound rules enabled. 

    The same nic worked fine before some OS configuration(not related to network). 

    But what I see is we can SSH using private IP but not using public IP.

    Thursday, March 19, 2020 7:11 PM
  • Are you able to establish a TCP Connection via the public IP? You can use PSPING, telnet, or any other TCP connectivity to test. 

    If you are able to establish a TCP Connection but unable to SSH, the OS is rejecting the connection, but is receiving it. 

    If you are unable to establish a TCP connection, then there could be something functionally wrong with the PIP or NIC, or a firewall is blocking the connection. 

    Friday, March 20, 2020 1:33 AM
  • These are the results of Psping on that NIC.

    .\psping.exe -t 192.168.102.40

    PsPing v2.10 - PsPing - ping, latency, bandwidth measurement utility
    Copyright (C) 2012-2016 Mark Russinovich
    Sysinternals - www.sysinternals.com

    Pinging 192.168.102.40 with 32 bytes of data:
    Infinite iterations (warmup 1) ping test:
    Error pinging 192.168.102.40:
    Request timed out.
    Error pinging 192.168.102.40:
    Request timed out.

      Sent = 1, Received = 0, Lost = 1 (100% loss),
      Minimum = 0.00ms, Maximum = 0.00ms, Average = 0.00ms
    Control-C

    I think the issue is with the network interface. As the internal IP is accessing and works totally fine. If the OS was rejecting it then it should have rejected the SSH from internal IP too rite? Not sure. Your assistance would be more helpful. @TravisCragg_MSFT

    Friday, March 20, 2020 4:49 AM
  • One more thing to notice is that. My VM launches a UI when the IP is put into the Webpage. But after this configuration even im not able to launch that webpage using that PIP. But Internal IP it works fine.
    Friday, March 20, 2020 6:01 AM
  • Hey Rajath, 

    can you add the port to your ping test?

    .\psping.exe -t 192.168.102.40:80

    .\psping.exe -t 192.168.102.40:22

    It is possible there is an issue with the NIC / Public IP. To reset the NIC, all you need to do is set the DIP (VNET IP) to static on the NIC configuration. 

    Not being able to get to the webpage is consistent with your other symptoms, as the PIP is either not accepting connections or is being blocked, even when the request comes from within the VM. 

    Saturday, March 21, 2020 12:38 AM
  • Hi Travis,

    Thanks for your input. It would be great if i can get some document on how the Public IP to private IP mapping is done. More insight on what is happening in the backend.

    Thanks,

    Rajath

    Monday, March 23, 2020 7:37 AM
  • Tuesday, March 24, 2020 7:15 AM
  • I do no think a good doc exists that explains the mapping well. Traffic that comes in to a Public IP is forwarded to the NIC, and then recieved by your VM. 

    Were you able to establish TCP connectivity on any port via the Public IP?

    Tuesday, March 24, 2020 11:58 PM