0

I have a client with a webserver and a VPS server with a webserver and a mailserver. These machines have to exchange data via REST API but I have a problem, they are not reachable each other over HTTP and HTTPS in both ways.

I did some test:

  • Verified DNS resolution with a nslookup, and they are fine
  • Tried a ping each other, both ways fails, tried another protocol like SMTP and it fails with timeout like HTTP or HTTPS protocol.
  • Checked if is there a firewall, and there is not.
  • Tried the same connections with another client with another public IP, and it works. I also tried with the same first client but to another VPS server in a different server farm of the same provider and everything works.
  • I tried a tracert from the client to the not working VPS and the working VPS, the first routes seems to be the same, these are the tracert logs:

NOT WORKING VPS TRACERT

  1     1 ms     1 ms     1 ms  MODEMTELECOM [192.168.1.1]
  2     *        *        *     Richiesta scaduta.
  3    23 ms    41 ms    22 ms  172.17.81.224
  4    25 ms    26 ms    26 ms  172.17.82.70
  5    28 ms    26 ms    26 ms  172.19.243.93
  6    29 ms    28 ms    28 ms  etrunk42.milano1.mil.seabone.net [93.186.128.78]
  7    27 ms    27 ms    29 ms  ae11.milano58.mil.seabone.net [195.22.208.79]
  8    27 ms    35 ms    27 ms  be100-152.mil-5-a9.it.eu [91.121.131.62]
  9    36 ms    38 ms    38 ms  be103.sbg-g1-nc5.fr.eu [91.121.215.194]
 10     *        *        *     Richiesta scaduta.
 11    34 ms    34 ms    34 ms  be5.sbg-z2g2-a75.fr.eu [37.187.232.51]
 12    32 ms    36 ms    34 ms  po7.sbg-z2b13-a70.fr.eu [92.222.59.118]
 13    35 ms    34 ms    34 ms  92.222.59.2
 14    33 ms    33 ms    33 ms  73.ip-92-222-54.eu [92.222.54.73]
 15     *        *        *     Richiesta scaduta.
 16     *        *        *     Richiesta scaduta.
 17     *        *        *     Richiesta scaduta.
 18     *        *        *     Richiesta scaduta.
 19     *        *        *     Richiesta scaduta.
 20     *        *        *     Richiesta scaduta.
 ...

WORKING VPS TRACERT

  1     1 ms     1 ms    <1 ms  MODEMTELECOM [192.168.1.1]
  2     *        *        *     Richiesta scaduta.
  3    23 ms    22 ms    22 ms  172.17.81.224
  4    26 ms    26 ms    27 ms  172.17.80.157
  5    35 ms    31 ms    30 ms  172.19.243.77
  6    30 ms    30 ms    29 ms  etrunk37.milano50.mil.seabone.net [195.22.196.90]
  7    41 ms    30 ms    29 ms  ae10.milano58.mil.seabone.net [195.22.208.117]
  8    29 ms    28 ms    29 ms  be100-152.mil-5-a9.it.eu [91.121.131.62]
  9    36 ms    36 ms    39 ms  be103.sbg-g1-nc5.fr.eu [91.121.215.194]
 10    40 ms    40 ms    40 ms  be100-1254.th2-1-a9.fr.eu [94.23.122.139]
 11    49 ms    45 ms    47 ms  be102.gra-g2-nc5.fr.eu [213.186.32.214]
 12     *        *        *     Richiesta scaduta.
 13    45 ms    45 ms    45 ms  be7.gra-z1g1-a75.fr.eu [37.187.232.79]
 14    46 ms    46 ms    46 ms  po5.gra-z1b8-a70.fr.eu [92.222.62.52]
 15    46 ms    46 ms    46 ms  92.222.61.222
 16     *        *        *     Richiesta scaduta.
 17    46 ms    48 ms    46 ms  srv2.mydomain.eu [51.255.XX.XXX]

What I'm missing? What else can I try?

Tobia
  • 1,210
  • 8
  • 37
  • 73
  • The "client with webserver" is located in your company's network? I bet there **is** a firewall and it's either blocking the traffic and/or not configured with the required NAT rules. – Tommiie Sep 17 '18 at 08:24
  • I understand your bet, that was my first test, for this reason I tested both ways: A can't ping or get HTTP response from B and the same from B to A. But if I test from another client or the other VPS they works. For now I bet a routing problem from my provider... This is not a company network, the client is connected to a consumer router with all required NATs (remember that I can access client services from every other IP but my VPS and also the opposite, my client can access and ping all other VPSs I have) – Tobia Sep 17 '18 at 08:39
  • Can you share the IP addresses of the three machines involved and explain which flows work and which not? – Tommiie Sep 17 '18 at 08:43
  • I'm a bit reluctant to share my ip and ip of my customer, maybe this is a paranoia... – Tobia Sep 17 '18 at 09:38
  • But are they both private IP addresses or both public IP addresses? – Tommiie Sep 17 '18 at 09:40
  • Both public. I can share it in chat if you want... – Tobia Sep 17 '18 at 09:41

0 Answers0