LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 12-08-2003, 05:53 PM   #1
valleyman
LQ Newbie
 
Registered: Jun 2003
Posts: 12

Rep: Reputation: 0
Question dsl router + NAT + ssh = problem


well right now i am using two machines both
on redhat 9 , i can ssh to and from them freely,
these two computers share a dsl connection via
a dlink di-624 router i think that i have the dlink set
up correctly, as i used this example that one of
my good friends has set up,

// URL REMOVED //

this setup works for him ... the only differance that i
can see is that he has cable and i have dsl, the dsl
router is not to user friendly, so basically i guess
that i am asking how to make it forward all port 22
requests from it to the dlink, this is so that i can
connect to my home computer from work ...

the dsl router is a sprint modem made by
ZyXEL model number P645ME+
and with this thing i really have no idea what
the hell i am doing.

thanks for the help,
Vall3yman
--thebluenowhere.org--

Last edited by valleyman; 12-09-2003 at 04:50 PM.
 
Old 12-08-2003, 07:37 PM   #2
JordanH
Member
 
Registered: Oct 2003
Location: Toronto, Canada
Distribution: Ubuntu, FC3, RHEL 3-4 AS Retired: SuSE 9.1 Pro, RedHat 6-9, FC1-2
Posts: 360

Rep: Reputation: 30
Hey.

Does your friend have 2 machines running ssh? From the looks of that screen capture, it looks like only one machine (192.168.0.100) is running ssh.

I suggest 1 of 2 things...
1. Setup the configuration like your friend so that you ssh into Machine A to access it or forward your ssh your connection to machine B.
2. Setup the configuration of your router such that it forwards port 22 to Machine A but some other port (say 2222?) to Machine B. Then you ssh on port 22 to get to Machine A and to port 2222 to Machine B.

Personally, I think the first option is best if both machines are connected and online but if they are laptops which roam or are connected wirelessly, then option 2 is your best bet.

P.s. One other note. The image you posted lists VNC as a forwarded port. This is a BAD idea. Bad. Please tell me you don't use vnc as root too! (Or if you do, PM me your IP. ;-) )
 
Old 12-08-2003, 08:54 PM   #3
valleyman
LQ Newbie
 
Registered: Jun 2003
Posts: 12

Original Poster
Rep: Reputation: 0
that is an old picture ... it has since
been turned off, i think that was activated
when in the youth state of linux use, i am
glad to say that i know a little more now.

thank you for the suggestions and comments
i have turned off the shhd on one of the
machines that was really just to test and make
sure that they both could work in the event of
one crashing.

my real problem however still remains with the
dsl router that i use, and being able to connect
through it to the machine that is behind the router
that i use for distributing the internet.

yeah he does only have one running ssh

Last edited by valleyman; 12-08-2003 at 08:56 PM.
 
Old 12-08-2003, 10:05 PM   #4
JordanH
Member
 
Registered: Oct 2003
Location: Toronto, Canada
Distribution: Ubuntu, FC3, RHEL 3-4 AS Retired: SuSE 9.1 Pro, RedHat 6-9, FC1-2
Posts: 360

Rep: Reputation: 30
So what seems to be the problem then? Lets start by posting some information...

1. Please describe your desired LAN setup. How do you want traffic to be routing out of / into your network? Do you have one linux machine setup as a router as well as your Dlink router?
2. How are those machines configured (i.e. how many NIC's, ip addresses)

We'll be able to help you when we have more info.
Cheers,
J.
 
Old 12-09-2003, 05:11 PM   #5
valleyman
LQ Newbie
 
Registered: Jun 2003
Posts: 12

Original Poster
Rep: Reputation: 0
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
+--------+. . . . . . . .+-----------+. . . . . . . . . +--------------------+. . . . . . . .
.|. . .A. . .|======|. . . . B. . . . . .|==========|.comp 1 (sshd).. . |. . . . . . . .
.+--------+. . . . . . . +-----------+. . . . . . . . . +--------------------+. . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . .\\ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . .\\ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . .+-------\\---------------+. . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . | comp 2 (no sshd) |. . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . .+------------------------+. . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

(had to put all those dots to keep it spaced out)

ok there is my setup ... you have already seen that one picture
with the other routers settings (B) which are correct. router A is
my dsl router, this one is not allowing any thing in, do not ask
me why i do not know. as i said before it is a sprint dsl router
i believe that i already mentioned the model number and such
in the first post. i need to be able to come in from a remote
location past router A (the problem) so that i can connect to
computer 1 which is running my ssh server.

oh yeah here are the IPs
A = 192.168.1.1
B = 192.168.0.1
comp1= 192.168.0.111
comp2= 192.168.0.100

Last edited by valleyman; 12-10-2003 at 05:43 AM.
 
Old 12-10-2003, 09:19 AM   #6
JordanH
Member
 
Registered: Oct 2003
Location: Toronto, Canada
Distribution: Ubuntu, FC3, RHEL 3-4 AS Retired: SuSE 9.1 Pro, RedHat 6-9, FC1-2
Posts: 360

Rep: Reputation: 30
The above configuration looks pretty standard. I'm going to assume that normal Internet access is configured properly and you are able to browse the world and ftp and stuff. CMIIW.

Now which router are you configuring? Usually, the DSL modem isn't a configurable router (at least not with the ones I have had at home) but the documentation for your 645 says that it is also a router and packet filtering firewall etc. Your other router will also needs to be configured...

In order to configure the Machine A router, you will need one more ip address that you have not documented above. Machine B actually has 2 ip addresses so you should have a look around to find out what it is.

Once you have the other Machine B ip address what you do is this...
1. On Router A, setup port forwarding such that tcp port 22 goes to the Machine B's other address (should be 192.168.1.X)
2. On Router B, setup port forwarding such that tcp port 22 goes to 192.168.0.111

From an external machine, you should now be able to ssh to your external ip address which is actually your Router A and then that will get passed to router B and THEN it will get passed to your computer 1. The reason you can't go directly from Router A --> Computer 1 is that they are on different networks (192.168.1.0/24 vs 192.168.0.0/24)

I'm not sure if this other optioin will work but I will mention it anyway - I haven't read the documentation on your Router B. Your Router B may be able to work as a hub - which is really what you want to begin with! So... the easiest way to configure all of the above is to move all machines onto the 192.168.1.0/24 network. If you assign all machines with addresses in that network, then you can just configure the Router A to port foward directly to computer 1...

...............................................
Internet
....||.......
ext IP
+--------+192.168.1.1.....................
Router A..-----------------------+......................
+--------+..............................|................
............................................|.
+--------+192.168.1.100..........|............192.168.1.2+------------------+
comp 1.....---------------------+------------------ Router (Hub) B...................
+--------+.............................|......................+------------------+
............................................|.
+--------+192.168.1.200...........|................
comp2.......----------------------+.................
+--------+........................

Then setup the Gateway address to 192.168.1.1 on all of your machines.
Then setup port forwarding on Router A to point to 192.168.1.100

Last edited by JordanH; 12-10-2003 at 09:21 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
SuSE 9.3 - wierdness with Gaim/SSH - NAT problem ? Ragman Linux - Networking 0 05-27-2005 07:39 PM
nat problem with newly set up router cutejai Linux - Networking 2 04-29-2005 02:01 AM
NFS via NAT (DSL) Router?? h00chman Linux - Networking 4 06-02-2004 11:58 AM
Debian Nat Client via Dlink DSL-502T Router sherifff Linux - Networking 0 05-05-2004 12:23 PM
SSH problem with DSL jtshaw Linux - Networking 4 05-11-2003 11:44 AM


All times are GMT -5. The time now is 03:32 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration