Network connections being blocked except for pings

Discussion about my Wifi Radio project at http://mightyohm.com/wifiradio/ or my WL-520gU talk at NOTACON.
Post Reply
bitbanger
Posts: 3
Joined: Thu May 05, 2011 2:37 pm

Network connections being blocked except for pings

Post by bitbanger »

Greetings,

I'm stumped with a basic problem! Failure to comunicate!
I started with the build of openwrt posted on mightohm and followed the steps
to get WiFi up on and running on a WL-520gU. That seems all good.

I have basic network connectivity using either WiFi or the WAN xface.

The problem: I can ping hosts by name on the Internet so I know I have DNS resolution. However, all other transfers are timing out.

I'm using the exact example config files posted by Jeff here:

Code: Select all

http://mightyohm.com/forum/viewtopic.php?f=2&t=340
When I try to get opkg to do an update, it times out. Wget / ssh both fail to connect to internet hosts as well. Trying the same connections from a workstation on my network succeeds without issue. For example:

Code: Select all

root@OpenWrt:/# ping www.mightyohm.com
PING www.mightyohm.com (75.125.121.238): 56 data bytes
64 bytes from 75.125.121.238: seq=0 ttl=52 time=33.251 ms
64 bytes from 75.125.121.238: seq=1 ttl=52 time=34.212 ms
64 bytes from 75.125.121.238: seq=2 ttl=52 time=33.612 ms
64 bytes from 75.125.121.238: seq=3 ttl=52 time=35.247 ms

--- www.mightyohm.com ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 33.251/34.080/35.247 ms
However,

Code: Select all

root@OpenWrt:/# opkg update
Downloading http://downloads.openwrt.org/kamikaze/8.09/brcm-2.4/packages/Packages.gz
Connecting to downloads.openwrt.org (78.24.191.177:80)
wget: cannot connect to remote host (78.24.191.177): Connection timed out
Collected errors:
 * opkg_download: ERROR: Command failed with return value 1: `wget --passive-ftp
    -P /tmp/opkg-I8QyZE http://downloads.openwrt.org/kamikaze/8.09/brcm-2.4/packages/Packages.gz'

I've tried dropping the iptables rules and tinkering around with the firewall setup with no success. At this point, I've just finished flashing puppycrack's 8.09 + mpd/mpc + NFS, and the issue persists. I don't think it's my openwrt config or Asus hardware at this point, but this thing simply can't get anything more than pings out and back from the Net.

I am able to ssh into another linux box on my local network, so it might be my Netgear Firewall doing this...but why?


Can anyone think of something I missed?
User avatar
mightyohm
Site Admin
Posts: 1064
Joined: Fri Apr 03, 2009 10:29 pm
Location: Seattle, WA
Contact:

Re: Network connections being blocked except for pings

Post by mightyohm »

I feel like I have heard of this problem before. Have you searched the forums? I'm not sure what could be causing this, but I would suspect it might have something to do with your home network config...
sail4sea
Posts: 11
Joined: Sat Mar 05, 2011 11:33 pm

Re: Network connections being blocked except for pings

Post by sail4sea »

I ran into the same issue. I am assuming you gave yourself a static ip address then. If so you need to add a gateway and a dns service to /etc/config/network.

option gateway 192.168.0.1 #or whatever your normal router's address is.
option dns 8.8.8.8 #is google's dns.


Try this and see if it makes a difference.
bitbanger
Posts: 3
Joined: Thu May 05, 2011 2:37 pm

Re: Network connections being blocked except for pings

Post by bitbanger »

Thanks for the input guys. Jeff, great article! Got me playing around again with embedded linux.

But the culprit seems to be pointing to my Netgear FVS-114 firewall. It still is a mystery as to why however. I took the WL-520gU to my office, and it connects just fine! Transfers work as expected. Got the audio playing right now. S-W-E-E-T ! I also installed OpenWRT on an Linksys NSLU2 "Slug" I had lying around, and guess what? It manifests the exact same failure as the '520' at my house-- and connects fine at the office. I'm trying to get audio on it now, but the Slug uses different hardware, and isn't recognizing the USB audio device yet...but I digress.

The reason I haven't just swapped out the Netgear firewall with another device is it has VPN built in, and I have it doing a Net-to-Net VPN to my office for a VOIP office phone. The Netgear firewall doesn't have much logging that is useful, (and I don't have root) I'm looking around to upgrade to a different firewall device to avoid fighting this any further.

As a side note, I still can use the audio streaming in the '520' at my house, as long as I connect to a streaming server within my local network. I have a squeezebox server running and that exposes a streaming option as well. I add a single URL to my squeezebox server in the MPC playlist, set it up to autoplay and the '520' shows up as a basic streaming device in the squeezebox server. From there, I can control what gets played on the '520' using the web interface to the squeezebox server. Works well with Squeezepad on the iPad and Squeeze Commander on the Andriod phone as well!
bitbanger
Posts: 3
Joined: Thu May 05, 2011 2:37 pm

Re: Network connections being blocked except for pings

Post by bitbanger »

Well, as a footnote to the above, I never did figure out why the Netgear firewall I had, was blocking traffic from anything running OpenWrt. So, I threw out the Netgear and threw an old Linksys WRT54G v2 AP router at the problem. I installed OpenWrt on the Linksys WRT54G and spent the day trying to squeeze openSwan on it and get a vpn tunnel up and running. (I needed IPSEC not SSL vpn support so openVPN doesn't work for me). It is now my primary edge firewall. Due to software bloat, I had to go backwards to White Russian to get enough room to get openSwan going, but it's up and working great now. I Still have 1.5 Megs free in the jffs partition.

I've blown out and reinstalled openWrt so many times now, I've lost count. However, now that the Netgear firewall is out of the way, the packages just fly in.
imran1malik
Posts: 2
Joined: Fri Aug 19, 2011 12:46 pm

Re: Network connections being blocked except for pings

Post by imran1malik »

thanks for the post, i had face the similar problem, but now its fixed..

regards,
a man on a run to fix!
eizner23
Posts: 1
Joined: Thu Nov 28, 2013 11:02 am

Re: Network connections being blocked except for pings

Post by eizner23 »

I had a similar issue where clients could connect and get internet access, but the router itself couldnt ping outside or use opkg. sail4sea's solution worked for me, thank you. :D
Post Reply