Nut upsuser - Sep 2016 - Help with failing Nut slave/client connection

Hi can anyone please help.

I have two linux servers both with static IPs not using NAT.

My slave can't connect to my host. Whatever I try.

I have the same setup also on my LAN with two other machines and they talk
to each other and work great.

But my two machines with their own static IPs don't want to play. I've
used
the same settings for these as I have on my LAN, with a master and slave
and the same conf files etc for each - just changing the LISTEN IP address
in upsd.conf to match my master.

Any help to diagnose and fix would be really appreciated.

Thank you!
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.alioth.debian.org/pipermail/nut-upsuser/attachments/20160912/232ccf37/attachment.html>

On Mon, 12 Sep 2016, Jonah Naylor wrote:
> I have two linux servers both with static IPs not using NAT.
This is rather ambiguous.  I'm going to guess that you mean they
have public IANA issued IPs that you are trying to use for nut.
> My slave can't connect to my host. Whatever I try.
That would be a sensible default for public IPs.
> I have the same setup also on my LAN with two other machines and they talk
> to each other and work great.
That is also a sensible default for private IPs.

If these two machines are both on the same LAN, they should talk
using a private IP.  If not, you will need a VPN of some sort,
or else configure the SSL features of nut.  I personally use
cjdns (available in epel for centos) for the vpn.

-- 
 	      Stuart D. Gathman <stuart at gathman.org>
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.

On Mon, 12 Sep 2016, Jonah Naylor wrote:
> I have two linux servers both with static IPs not using NAT.
> My slave can't connect to my host. Whatever I try.
I assume that these two machines are on the same LAN, so here are a few 
suggestions.  Can you ping from each one to the other?  Can you ssh from 
each one to the other?  Are they running firewalls?  Do both the firewalls 
allow traffic on port 3493?  Have you tested with netcat?  What do the 
firewall logs report?  Is there anything in dmesg, /var/log/messages or 
journalctl?

Roger

Or just set up sane firewall rules to allow the two to talk, but block external
traffic. I have run this way for years - all add'rs ar IANA in a subnet
block, and just that block is open locally, and all other external IP's
severely restricted, and NUT works great . . .

- Tim

On September 12, 2016 11:47:28 AM CDT, "Stuart D. Gathman" <stuart
at gathman.org> wrote:
>On Mon, 12 Sep 2016, Jonah Naylor wrote:
>
>> I have two linux servers both with static IPs not using NAT.
>
>This is rather ambiguous.  I'm going to guess that you mean they
>have public IANA issued IPs that you are trying to use for nut.
>
>> My slave can't connect to my host. Whatever I try.
>
>That would be a sensible default for public IPs.
>
>> I have the same setup also on my LAN with two other machines and they
>talk
>> to each other and work great.
>
>That is also a sensible default for private IPs.
>
>If these two machines are both on the same LAN, they should talk
>using a private IP.  If not, you will need a VPN of some sort,
>or else configure the SSL features of nut.  I personally use
>cjdns (available in epel for centos) for the vpn.
>
>-- 
> 	      Stuart D. Gathman <stuart at gathman.org>
>"Confutatis maledictis, flamis acribus addictis" - background song
for
>a Microsoft sponsored "Where do you want to go from here?"
commercial.
>
>_______________________________________________
>Nut-upsuser mailing list
>Nut-upsuser at lists.alioth.debian.org
>http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/nut-upsuser
-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.alioth.debian.org/pipermail/nut-upsuser/attachments/20160912/81164833/attachment.html>