Testing a Connection


Michael Christian
Course Development Director in Content
In this hands-on lab, you will need to troubleshoot connectivity issues between Client1
(10.0.1.11) and Server1
(10.0.1.10). You will need to determine why the website at 10.0.1.10 is unreachable, and prep the host to make sure connectivity is in place to permit SSL traffic once it's configured.
Testing a Connection
Introduction
In this hands-on lab, you will need to troubleshoot connectivity issues between Client1
(10.0.1.11) and Server1
(10.0.1.10). You will need to determine why the website at 10.0.1.10 is unreachable, and prep the host to make sure connectivity is in place to permit SSL traffic once it's configured.
Solution
Begin by logging in to the lab servers using the credentials provided on the hands-on lab page:
ssh cloud_user@PUBLIC_IP_ADDRESS
Become the
root
user:sudo su -
Confirm the problem
On Client1 (10.0.1.11)
Confirm that the problem exists by curling the headers of 10.0.1.10 from 10.0.1.11:
curl -I 10.0.1.10
Confirm, and maybe resolve, Apache's status
On Server1 (10.0.1.10):
Verify a service is listening on port 80:
ss -lntp | grep :80
If nothing is listening, check if Apache is running:
systemctl status httpd
Start Apache if necessary:
systemctl start httpd
Did that resolve the problem?
Check firewall rules
On Server1 (10.0.1.10):
Verify that the firewall is configured to permit http traffic:
firewall-cmd --list-services
If
http
isn't present, it will need to be added:firewall-cmd --permanent --add-service=http
And the firewall rules will need to be reloaded to take effect:
firewall-cmd --reload
Verify that the problem is resolved.
Permit https traffic in the firewall and verify
On Server1 (10.0.1.10):
You will need to open port 443 in the firewall. You can do it with:
firewall-cmd --permanent --add-service=https
And then reload the firewall config with this:
firewall-cmd --reload
You will need to facilitate listening on port 443 from
Server1
(10.0.1.10). You can do this by installing thenmap-ncat
package for CentOS:yum install nmap-ncat
And then using it to listen on port 443:
nc -l 443
On Client1 (10.0.1.11):
You can verify that 443 is accessible by using telnet:
telnet 10.0.1.10 443
Conclusion
Congratulations — you've completed this hands-on lab!