Hi everyone,
I am trying to understand what is going on with my CentOS 8 on Google Cloud Platform. The goal is to set up a VPN + Pi - Hole.
Have a look below at what nmap gives me vs firewall-cmd. Nmap says 22 and 9090 only and firewalld says that cockpit (9090) dhcpv6 (53?) ssh (22) and wireguard (51820) are active?
Now:
- cockpit does not work from the outside world, but it does work with local IP when connected through VPN.
- Wireguard VPN definitely works as I can connect to it and then open cockpit locally
- I can ping any domain from shell, but can't go "outside" when connected through VPN
So let's form a couple of questions:
1. nmap and firwalld say that 9090 is opened but can't access cockpit from the outside world, why?
2. Why nmap does not show wireguard?
3. Why I can ping anything from the sever, but my peer can't access any website when connected to that server through VPN?
# nmap local...
Starting Nmap 7.70 ( https://nmap.org ) at 2020-02-25 15:32 UTC
Nmap scan report for local... (*.*.0.19)
Host is up (0.0000080s latency).
rDNS record for *.*.0.19: ....internal
Not shown: 998 closed ports
PORT STATE SERVICE
22/tcp open ssh
9090/tcp open zeus-admin
Nmap done: 1 IP address (1 host up) scanned in 1.60 seconds
# firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: eth0
sources:
services: cockpit dhcpv6-client ssh wireguard
ports:
protocols:
masquerade: yes
forward-ports:
source-ports:
icmp-blocks:
rich rules:
Thank you in advance
nmap and firwalld give coflicting statements
Re: nmap and firwalld give coflicting statements
Are you running nmap from outside the machine in question or on it? If it's on it then your requests get transparently redirected to localhost and everything is allowed.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Re: nmap and firwalld give coflicting statements
both commands on the same machine Trev
Re: nmap and firwalld give coflicting statements
So then it's expected. Run it from outside to get reliable results.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke