Port forwarding not allowed when client is inside the LAN
This router is a Netgear WNDR3700v4, and for now, I keep the default settings.
Inside the LAN, there is my host 'vvv', with this IP: 192.168.2.4
In order to connect to this box through ssh from the outside, I have forwarded its port 22 to the router port 8924.
So, from an outside computer, I get:
Quote:
$ ssh -vv -p8924 xri.is-a-geek.com
OpenSSH_6.7p1, OpenSSL 1.0.1j 15 Oct 2014
debug1: Reading configuration data /home/xri/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug2: ssh_connect: needpriv 0
debug1: Connecting to xri.is-a-geek.com [97.11.124.79] port 8924.
debug1: Connection established.
debug1: identity file /home/xri/.ssh/id_rsa type 1
etc [it connects without a problem]
When I try the same from another box inside the local network:
Quote:
$ ssh -vv -p8924 xri.is-a-geek.com
OpenSSH_6.7p1, OpenSSL 1.0.1j 15 Oct 2014
debug1: Reading configuration data /home/xri/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug2: ssh_connect: needpriv 0
debug1: Connecting to xri.is-a-geek.com [97.11.124.79] port 8924.
debug1: connect to address 97.11.124.79 port 8924: Connection refused
ssh: connect to host xri.is-a-geek.com port 8924: Connection refused
With my previous router I didn't have this problem. I've been looking in the manual, but I do not see any specific setting or solution to allow inside computers to use the same ports as outside computers do, for ssh.
Could you give me a hint here? What to read? What to look for?
Thanks for reading this.
Sounds like a loopback problem. Some routers/modems block loopback connections (connecting to your own WAN IP from inside the LAN). You should check if there's an option to enable/disable this, but if not, you may be out of luck.
BTW - I hope you changed the URL, IP, username, and port numbers in your post, otherwise everybody in the world now knows how to hit the ssh server on your box, AND a valid username to use.
I have a Netgear WNDR3700v3 and can ssh from inside the LAN using my external IP address so unless there is a big difference in firmware there should not be a loopback problem. I forward the same port number but that should not be a problem either.
You have not posted enough information but are you using keys or typing in a password? Are the local and outside computers the same except for "location"? If different, have you verified that both are configured the same?
I assume you can ssh from within the LAN i.e. using its local IP address and port 22 from the same box that fails using your external URL.
You specified the forwarding port in both examples, surely one must be port 22 and the other one 8924?
From outside port 22, which then goes inside on port 8924
So when you are inside the network, use port 8924
Thank you for the replies.
The line on my original post is part of a script that I use in every case (the client computer is a laptop). It used to work on both locations (inside the LAN and away from it). Now it does not.
@michaelk, the fact that you have no problems using the outside port when you are inside strongly suggests that my issue has to do with the router configs. I will take a further look; I must have missed something...
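If the router turns out to have no NAT loopback (hairpin) setting, the laptop script can choose its target by location instead. The sketch below is an added example, not code from the thread: it reuses the addresses and ports posted above, assumes the LAN is 192.168.2.0/24, and the function names (`pick_target`, `ssh_home` and the helpers) are hypothetical.

```shell
#!/bin/sh
# Values below come from the thread; the /24 netmask is an assumption.
LAN_CIDR="192.168.2.0/24"
LAN_TARGET="192.168.2.4 22"          # host 'vvv', sshd reached directly
WAN_TARGET="xri.is-a-geek.com 8924"  # router's forwarded port

# Dotted-quad IPv4 address -> 32-bit integer.
ip_to_int() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
}

# Succeeds when IPv4 address $1 lies inside CIDR block $2.
in_cidr() {
    net=${2%/*}; bits=${2#*/}
    mask=$(( (4294967295 << (32 - bits)) & 4294967295 ))
    [ $(( $(ip_to_int "$1") & mask )) -eq $(( $(ip_to_int "$net") & mask )) ]
}

# Given this machine's addresses, print "host port" to connect to.
pick_target() {
    for addr in "$@"; do
        case $addr in *:*) continue ;; esac   # skip IPv6 entries
        if in_cidr "$addr" "$LAN_CIDR"; then
            echo "$LAN_TARGET"; return 0
        fi
    done
    echo "$WAN_TARGET"
}

# IPv4 addresses currently configured on this machine (Linux iproute2).
local_addrs() {
    ip -4 -o addr show | awk '{ split($4, a, "/"); print a[1] }'
}

# Hypothetical wrapper for the laptop script: same command in both places.
ssh_home() {
    target=$(pick_target $(local_addrs))
    ssh -p "${target#* }" "${target% *}" "$@"
}
```

On a foreign network that also uses 192.168.2.0/24 this selects the LAN address, so ssh's host key check is what catches a different machine answering there. Setting the same `HostKeyAlias` for both targets keeps a single known_hosts entry for the box.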