LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   Making sshd accessible outside the LAN (https://www.linuxquestions.org/questions/linux-networking-3/making-sshd-accessible-outside-the-lan-711815/)

WhatsUnderThere 03-15-2009 05:47 PM
[SOLVED] Making sshd accessible outside the LAN
 
Hi there. Recently, I set up a ssh server on one of my home computers to share files/work between my desktop and laptops (mostly via svn).

So far, so good. However, now I'm trying to make my ssh server accessible outside my home LAN and I've run into nothing but headaches. I suspect the issue has something to do with port forwarding, somewhere between my modem, router, and computer. If you see any thing possibly amiss with my setup or have any suggestions, I would really appreciate it.

Here's the basics of my situation:
- I'm using a Westell broadband modem (at local ip 192.168.1.1)
- The modem says my internet connection is at 192.168.1.45
- Connected to the modem is a Linksys wrt54g (at local ip 192.168.2.1)
- The computer running sshd is directly wired to the router, and Ive manually assigned it a static ip of 192.168.2.100
- The router's DHCP only uses ip range 192.168.2.2 - 192.168.2.52
- The modem firewall is set to disabled
- The router firewall is enabled
- The router is set to not block anonymous requests
- The router is set to forward range 22-22 to 192.168.2.100 (the static ip), although I think this may not be working correctly
- I registered a domain name at dyndns, and I set the router to update the address dynamically--it asks for dyndns username, password, and domain name--it shows the ip address as 192.168.1.45 and says update successful
- ssh works flawlessly for all computers on the LAN, connecting to 192.168.2.100 on port 22
- when attempting to connect to the ssh server using the external address (ip or domain name), ssh responds 'connection refused'


Thanks for your time.
Steve

WhatsUnderThere 03-15-2009 07:54 PM
After doing a bit more searching on the subject, I found that it makes a difference whether I try to use the external address inside the same LAN. Thus, I tried SSH'ing to an external server, and then back to my home server. Rather than receiving the connection refused message, the terminal just hangs. Running 'telnet my.dyndns.name 22' also hangs, but it prints out my modem's external ip address correctly, which verifies the dns side of things is working.

A new question Ive come across: do I need to fiddle with /etc/hosts, /etc/hosts.allow, or /etc/hosts.deny to get this working? I havent ever modified them and Im not quite sure what they do. If they are somehow related, I can post the contents of these files if necessary.

utanja 03-15-2009 09:23 PM
I am using a setup thru dyndns and it works perfectly both from within the lan and from external remote locations.(wan)..

WhatsUnderThere 03-16-2009 12:13 AM
Well, it looks like the issue might be solved--I asked someone else outside my LAN to check if the ssh server was visible and they said it was. I havent gotten a chance to try it away from home yet, but it seems like that may have been the root of the problem all along.

Funny--all this time spent trying to verify that the server works did nothing more than convince me that a problem existed when it was actually fine.

acmeinc 03-16-2009 05:08 AM
So this is working now? If not I may have a few suggestions, or testes we can run to find the source of the problem.

WhatsUnderThere 03-17-2009 12:42 AM
Yep, it worked perfectly when I was outside of my home LAN.

I'm a little curious why, then, it didnt work when I tried to ssh to a remote server and then back into my own. It might be because I needed to log into the external network's vpn to use their ssh server, but Im not really sure. *shrug*

Thanks for the offer anyway.

Steve


All times are GMT -5. The time now is 02:30 PM.