
Connection refused until in network connection


JJS
7th June 2004, 10:56 AM
This is by far the weirdest problem I've experienced. I have a FC 2 machine that lives in a network behind a firewall (router runs some form of Linux). My machine and the rest in the network all have publicly accessible IP addresses and all machines can be pinged. We took the necessary steps to open traffic in the router to my machine.

Now for the weird part. The machine refuses connections to ANY service from the internet until a connection is first made from within the network. At first I thought it was because I had 2 NICs in the box and only one was opened through the firewall, so I disabled the second interface entirely. A friend of mine VPNs into the network and SSHes into the box; once he connects, I can access the webserver on the box, ssh in, whatever else I want. After several hours it reverts to refusing connections until the process is repeated.

Anyone have any creative ideas on this? I read somewhere about ECN and I disabled that. I have iptables disabled and I'm all out of ideas.

Thanks

JJS
8th June 2004, 09:45 AM
Alright, it happened again while I was still SSH'd into it, and I had the opportunity to run tcpdump for a few minutes before I was disconnected. It didn't show any kind of incoming packets as I tried to reconnect with ftp or ssh. Therefore it's something to do with the router I don't have access to.

jochenderwae
19th October 2004, 10:00 AM

Have you been able to find the cause of this problem?
We're experiencing something similar. Here our FC2 machine refuses any TCP connection after about 15 minutes. This remains so until an outbound connection is created on the machine itself.
Also, open ssh sessions are closed when this problem occurs.

jochen

ezeze5000
19th October 2004, 01:29 PM
It almost sounds like a hardware problem.
Have you tried switching to the other NIC?

jochenderwae
21st October 2004, 11:13 AM
Yes, after trying a few things we concluded the same and tried 2 other NICs. Unfortunately neither could make ANY connection (in or out). My workstation is the exact same setup, but I haven't really tried to create the same circumstances (making incoming connections instead of outgoing). The original NIC is on the motherboard, by the way.

Anyway, I'm leaving it up to the sys admins for now and continue coding...

JJS
2nd November 2004, 07:27 PM
Boy is my face red (and sorry for dredging up a crazy old thread for a solution that probably doesn't apply to anyone else). There was one of those little tag printers connected to the network and it was getting the same IP address I was. I only discovered it when I ran nmap with the OS identification option for a few hours and noticed one time it said like "Something Thermal Tag Printer" and I slapped myself so hard it left quite a mark :P The part I don't get is my IP was assigned by DHCP, which leads me to believe some idiot set up that tag printer with a static IP that just so happened to match mine.
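
The cause found in the last post, two devices answering for one IP address, is visible in ARP traffic as a single address claimed by more than one MAC. The following is an added example, not part of the thread, that flags this in `tcpdump -e -n arp` text output; the sample capture, its addresses and the function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in the style of `tcpdump -e -n arp` output.
# Addresses are documentation-range placeholders, not values from the thread.
SAMPLE_CAPTURE = """\
10:00:01.000000 00:00:5e:00:53:01 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 192.0.2.10 tell 192.0.2.1, length 28
10:00:01.000210 00:00:5e:00:53:0a > 00:00:5e:00:53:01, ethertype ARP (0x0806), length 60: Reply 192.0.2.10 is-at 00:00:5e:00:53:0a, length 46
10:00:01.000480 00:00:5e:00:53:ff > 00:00:5e:00:53:01, ethertype ARP (0x0806), length 60: Reply 192.0.2.10 is-at 00:00:5e:00:53:ff, length 46
10:00:05.100000 00:00:5e:00:53:0b > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 192.0.2.1 tell 192.0.2.11, length 28
10:00:05.100150 00:00:5e:00:53:01 > 00:00:5e:00:53:0b, ethertype ARP (0x0806), length 60: Reply 192.0.2.1 is-at 00:00:5e:00:53:01, length 46
"""

MAC = r"(?:[0-9a-f]{2}:){5}[0-9a-f]{2}"
IP = r"(?:\d{1,3}\.){3}\d{1,3}"
LINE_RE = re.compile(rf"^\S+ (?P<src>{MAC}) > {MAC}, ethertype ARP .*?: (?P<body>.*)$", re.I)
REPLY_RE = re.compile(rf"Reply (?P<ip>{IP}) is-at (?P<mac>{MAC})", re.I)
REQUEST_RE = re.compile(rf"Request who-has .*? tell (?P<ip>{IP})", re.I)


def claims(capture):
    """Yield (ip, mac) pairs: which MAC asserts ownership of which address."""
    for line in capture.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        reply = REPLY_RE.search(m["body"])
        if reply:
            yield reply["ip"], reply["mac"].lower()
            continue
        req = REQUEST_RE.search(m["body"])
        # An ARP probe uses sender address 0.0.0.0 and claims nothing.
        if req and req["ip"] != "0.0.0.0":
            yield req["ip"], m["src"].lower()


def find_conflicts(capture):
    """Return {ip: [macs]} for every IP claimed by more than one MAC."""
    owners = defaultdict(set)
    for ip, mac in claims(capture):
        owners[ip].add(mac)
    return {ip: sorted(macs) for ip, macs in owners.items() if len(macs) > 1}


if __name__ == "__main__":
    for ip, macs in find_conflicts(SAMPLE_CAPTURE).items():
        print(f"{ip} claimed by {', '.join(macs)}")
```

A conflict reported here is a reason to look up both MAC addresses on the switch or in the DHCP lease table; a host that legitimately changed NICs during the capture would show up the same way.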