Problem
Connections to the guest console are refused when connecting via telnet to localhost with the port number specified in the configuration file (10003, 10004, ...).
This can be caused by firewall settings.
Example 1:
# telnet charonserver 10003
telnet: connect to address 192.168.42.42: Connection refused
Example 2:
# telnet charonserver 10003
Trying 192.168.42.42...
telnet: connect to address 192.168.42.42: No route to host
Solution
To ensure the TCP ports are not blocked by the firewall, execute the following commands:
Red Hat Enterprise Linux Server 6.x
# iptables -I INPUT -p tcp --dport <port> --syn -j ACCEPT
# iptables -I INPUT -p udp --dport <port> -j ACCEPT
# service iptables save
Example:
# iptables -I INPUT -p tcp --dport 10003 --syn -j ACCEPT
# iptables -I INPUT -p udp --dport 10003 -j ACCEPT
# iptables -I INPUT -p tcp --dport 10004 --syn -j ACCEPT
# iptables -I INPUT -p udp --dport 10004 -j ACCEPT
# service iptables save
Red Hat Enterprise Linux Server/CentOS 7 and 8 (using firewalld service)
As "firewalld" is installed by default, the commands used are those given in the example below.
Example with console on port 10003:
# firewall-cmd --permanent --new-service=Charon
success
# firewall-cmd --permanent --service=Charon --add-port=10003/tcp
success
# firewall-cmd --permanent --service=Charon --add-port=10003/udp
success
# firewall-cmd --get-active-zones
public
interfaces: ens34 ens35
# firewall-cmd --zone=public --permanent --add-service=Charon
success
# firewall-cmd --reload
success
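A narrower variant of the firewalld example above, added here as an illustration and not taken from the vendor's documentation: it prints (does not run) the commands that admit a single management subnet to the Charon service through a rich rule, instead of adding the service to the whole zone. The function names and the subnet 192.168.42.0/24 are assumptions; the zone and service name are the ones used in the article.

```shell
#!/bin/sh
# Added example (not vendor code): print, without executing, firewall-cmd
# commands that open the Charon console ports to one source subnet only.
# Assumptions: zone "public" and service "Charon" as in the article;
# the subnet in the usage line is a constructed sample value.

valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;          # empty or non-numeric
    esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

valid_cidr() {
    # Loose IPv4 CIDR shape check; firewalld performs the strict validation.
    printf '%s\n' "$1" |
        grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/([0-9]|[12][0-9]|3[0-2])$'
}

charon_fw_cmds() {
    zone=$1 src=$2
    shift 2
    # Validate everything first so a bad argument yields no partial output.
    valid_cidr "$src" || { echo "bad source CIDR: $src" >&2; return 1; }
    [ "$#" -gt 0 ] || { echo "no ports given" >&2; return 1; }
    for p in "$@"; do
        valid_port "$p" || { echo "bad port: $p" >&2; return 1; }
    done
    echo "firewall-cmd --permanent --new-service=Charon"
    for p in "$@"; do
        for proto in tcp udp; do          # same protocols as the article
            echo "firewall-cmd --permanent --service=Charon --add-port=$p/$proto"
        done
    done
    # Rich rule in place of --add-service: only $src may reach the service.
    echo "firewall-cmd --permanent --zone=$zone --add-rich-rule='rule family=\"ipv4\" source address=\"$src\" service name=\"Charon\" accept'"
    echo "firewall-cmd --reload"
}

# Review the printed commands, then run them as root, for example:
#   charon_fw_cmds public 192.168.42.0/24 10003 10004
```

After the reload, `firewall-cmd --zone=public --list-rich-rules` shows the rule that was added.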