Skip to main content

Testing a Connection

Hands-On Lab

 

Photo of Michael Christian

Michael Christian

Course Development Director in Content

Length

01:00:00

Difficulty

Intermediate

In this hands-on lab, you will need to troubleshoot connectivity issues between Client1 (10.0.1.11) and Server1 (10.0.1.10). You will need to determine why the website at 10.0.1.10 is unreachable, and prep the host to make sure connectivity is in place to permit SSL traffic once it's configured.

What are Hands-On Labs?

Hands-On Labs are scenario-based learning environments where learners can practice without consequences. Don't compromise a system or waste money on expensive downloads. Practice real-world skills without the real-world risk, no assembly required.

Testing a Connection

Introduction

In this hands-on lab, you will need to troubleshoot connectivity issues between Client1 (10.0.1.11) and Server1 (10.0.1.10). You will need to determine why the website at 10.0.1.10 is unreachable, and prep the host to make sure connectivity is in place to permit SSL traffic once it's configured.

Solution

  1. Begin by logging in to the lab servers using the credentials provided on the hands-on lab page:

    ssh cloud_user@PUBLIC_IP_ADDRESS

  2. Become the root user:

    sudo su -

Confirm the problem

On Client1 (10.0.1.11)

  1. Confirm that the problem exists by curling the headers of 10.0.1.10 from 10.0.1.11:

    curl -I 10.0.1.10

Confirm, and maybe resolve, Apache's status

On Server1 (10.0.1.10):

  1. Verify a service is listening on port 80:

    ss -lntp | grep :80

  2. If nothing is listening, check if Apache is running:

    systemctl status httpd

  3. Start Apache if necessary:

    systemctl start httpd

    Did that resolve the problem?

Check firewall rules

On Server1 (10.0.1.10):

  1. Verify that the firewall is configured to permit http traffic:

    firewall-cmd --list-services

  2. If http isn't present, it will need to be added:

    firewall-cmd --permanent --add-service=http

  3. And the firewall rules will need to be reloaded to take effect:

    firewall-cmd --reload

    Verify that the problem is resolved.

Permit https traffic in the firewall and verify

On Server1 (10.0.1.10):

  1. You will need to open port 443 in the firewall. You can do it with:

    firewall-cmd --permanent --add-service=https

  2. And then reload the firewall config with this:

    firewall-cmd --reload

  3. You will need to facilitate listening on port 443 from Server1 (10.0.1.10). You can do this by installing the nmap-ncat package for CentOS:

    yum install nmap-ncat

  4. And then using it to listen on port 443:

    nc -l 443

On Client1 (10.0.1.11):

  1. You can verify that 443 is accessible by using telnet:

    telnet 10.0.1.10 443

Conclusion

Congratulations — you've completed this hands-on lab!