Hey all, I'm rather new to linux so forgive anything I say that sounds stupid.

I just installed ubuntu server on a machine in my internal network, with the intention to set it up as a development server with ssh, apache, and cvs. I have them all working on the internal network (eg from one machine to another) and I set up the port forwarding on my router to forward TCP and UDP ports 22 from the router to ubuntu box.

The problem I'm having is that if I try to ssh to the external IP, I get connection refused. I'm not sure where the problem is either, or how to go about fixing it. I checked canyouseeme.org and verified that it sees port 22 open on the external ip, so it's my belief that it's forwarding correctly. From what I've read so far I assume it might be related to NAT, but I don't really know enough to even start addressing this.

You should be using TCP only, not UDP, for SSH. Though I don't think that would cause the problem.

I assume you have double checked the IP has changed since you configured the router? Better yet, have you configured this machine with a static IP? You could also try putting it into the DMZ, and seeing if you are able to connect then.

Thanks for the quick reply. The machine is set up at a static ip, and I'm able to ssh to it just fine with another machine inside the network if I use it's internal ip, but not with the external one. I've also tried putting the system in the DMZ with no success.

BlueSpam, hey, I'm also relatively new to Linux, so take anything I say with a grain of salt. ^_^ It seems to me, though, that it's your router that's the problem. To verify this, when you try to access the apache server from the external address, can you see the test page (or whatever page you've put up in place of it)?

If you can't, then what type of router do you have?

It is most likely fine. If the canyouseeme.org page can hit port 22 the forwarding is working ok.

What kind of router do you have?

My guess is whatever firewall it has running is seeing a connection from a IP that is on its internal net trying to connect to its external interface, and is dropping the connection rather than forwarding the packing back inside. This is a good thing.

If you think about it, it is kind of counter productive to ask your router to forward the packets when the 2 computers are already on the same subnet.

If IP's all check good, then probably firewall in the router or on the server. Some routers may require opening the port for WAN to LAN in addition to port forwarding.

Check your server for firewall and the /etc/hosts.deny. hosts.deny might have an all:all line.

Hmm. I tried SSHing to an external server, then back in again to the external ip, and it worked! I guess I'll need to stick to the internal ip when I'm inside my network, no big deal though!

Thanks!