Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Dear all,
I wanted to setup my box as a host with dynamic ip using no-ip.com service so that I could ssh my box from anywhere outside, however for some reason no-ip said that port 22 wasn't open.
What I did:
1. Create a host at no-ip
2. Install no-ip service in the box to update the dynamic ip
3. Do port forwarding of my box at its router
I do netstat on the box, it said the port 22 was open. So it was according to Nmap scan, but the wizard in no-ip said that port 22 was close. I also try to ssh to my box, I couldn't get in.
Depending on your router you may find that 22 may be used for remote management of the router and isn't available for forwarding. Try setting your router up to forward a different port (2222) to port 22 on your inside box and connect to that instead of the normal port 22.
Is ssh running on your box and can you login locally on your LAN?
Yes. I could ssh from 1 machine to another in LAN.
Quote:
Originally Posted by michaelk
Did you allow port 22 access in the box's firewall?
Yes. I confirmed this by using nmap from my other machine in LAN.
Quote:
Originally Posted by michaelk
Did you configure the box with a static IP address or use a DHCP address reservation in your router?
Yes. It is using DHCP address.
Quote:
Originally Posted by michaelk
Did you use the correct IP of your box in router's forwarding rule?
Yes. I made sure the box address is in the forwarding setup.
Quote:
Originally Posted by michaelk
Does your no-ip URL actually resolve to your WAN IP address?
Yes. I do "whatismyip", it matched with my no-ip host.
But when I test port 22 using this port checking took, it timed out. The no-ip software in the box said that it associated my no-ip address with the box LAN, but how can I make sure that? How I make sure that my router will route the traffic from outside to my box?
Depending on your router you may find that 22 may be used for remote management of the router and isn't available for forwarding. Try setting your router up to forward a different port (2222) to port 22 on your inside box and connect to that instead of the normal port 22.
tried that, it didn't work, I must miss something simple but important
you could try temporarily disabling the firewall.
btw, i often fall into the trap that i
1) open the port on my router
but then forget to
2) open the port on my machine's (not the router's) firewall
Distribution: Debian /Jessie/Stretch/Sid, Linux Mint DE
Posts: 5,195
Rep:
You did not elaborate on the type of router you have. In some cases you must create a port forwarding rule, but also a rule which actually allows to pass that traffic through this forwarding rule.
Some routers do this implicitely (so you are not aware of it, you don't see it and you cannot change it), some routers do it automatically (like PFSense, and you cannot disable the rule) and some don't do it at all. Like IPtables. Are you sure the traffic is not only forwarded bu also allowed?
During testing, forget about no-ip DNS resolution. Use your IP address and once that works, you can use the name and see if it resolves properly. Likely it does, but exclude unknowns.
hello... I ran nmap against the box from my other machine on LAN, and port 22 was open, which means firewall doesn't block the box and the router. However when I scan my WAN, it said port 22 was filtered, so were also other ports. I suspected that my modem did some kind of firewall, but when I disabled its firewall, it port was still filtered.
My router is cisco e1200,I don't know how to confirm if port forwarding works or not. Also my modem is technicolor cwa0101, seemed like this device did some port filtering, but not sure which one.
In my linux box ufw status is inactive and there is no policy in iptables -L.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.