Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Ok, so i have not had internet for about 6 months, until two weeks ago, A freind of mine in a dorm room next door ordered century link internet and offered me the ability to use the wifi and have access to the router.
ok, this is awesome, but im having an issue ssh. Here is the thing. i can access my server locally through the lan with strong username along with keys and passphrase.
I open up port 22 in the router, windows defender, avast firewall, router firewall, and i try to connect... nothing EVER hits the server. My server is setup that ANY time someone or something hits the server, i get a message. nothing from the public side at all. So i decide to use an online port tester, like nmap, and it says all the ports timeout. ok, so i try another tester, this time, it successfully says port 22 is open AND my server sends me a message stating that something tried to connect. ok, this is good. BUT i run the scan again, and it times out. i set the scan to do it over and over, been 2 days and not one successful attempt. so i give up.
i know the router lets port 25565 through for a game server of mine and it works just fine, but port 22, will not. i even checked the default configs for the router and it shows it allowing ssh through.
i have checked all firewalls that i have and virus scanners. nothing. its driving me nuts.
any help would be nice. i feel like its a century link issue... maybe
Is the server behind the Century Link router? That is, are you trying to ssh into a server that's on a residential Century Link account?
If so, it's almost certain that the ISP is blocking port 22 inbound (and port 80, and port 25 outbound).
If not, please clarify the relationship between the Win 10 client and the server into which you're trying to ssh.
Also please post the flavor of Linux that you're running on the server.
Yes, the server is behind the router. I do not see why the isp would be blocking it IF THEY configured there router by default to have port 22 open?? maybe to stop people from having a server?
I have also opened ports 5022, 8022, 5063, for ssh in the router and still does not work. I have tried many different port numbers in case they were blocking it at isp lvl and i can not get any of them to work.
The server is bitvise, does not need to run on linux, just win10. I posted here because in the past, you helped me out more than windows forums haha.
Yes, the server is behind the router. I do not see why the isp would be blocking it IF THEY configured there router by default to have port 22 open?? maybe to stop people from having a server?
Perhaps port 22 if open on the router itself, for management purposes? That would explain why an external testing service would report the port as open, while nothing hits your server.
BTW, the testing service that reported the port as open wouldn't by any chance happen to be using CenturyLink?
Quote:
Originally Posted by LT72884
I have also opened ports 5022, 8022, 5063, for ssh in the router and still does not work. I have tried many different port numbers in case they were blocking it at isp lvl and i can not get any of them to work.
So basically you can't get any port forwarding to work?
Are you sure the router you've got access to is directly connected to CenturyLink? Because if it's actually behind another NAT router, you'll have to configure port forwarding on both devices.
Log in to the router and check the IP address of the WAN/external interface. If it belongs to the private IP address space, there has to be at least one other NAT router involved. (And even if the address seems legitimate, check it against an external service.)
Perhaps port 22 if open on the router itself, for management purposes? That would explain why an external testing service would report the port as open, while nothing hits your server.
BTW, the testing service that reported the port as open wouldn't by any chance happen to be using CenturyLink?
So basically you can't get any port forwarding to work?
Are you sure the router you've got access to is directly connected to CenturyLink? Because if it's actually behind another NAT router, you'll have to configure port forwarding on both devices.
Log in to the router and check the IP address of the WAN/external interface. If it belongs to the private IP address space, there has to be at least one other NAT router involved. (And even if the address seems legitimate, check it against an external service.)
Its for sure the only device. The wan IP is a public ip. The ONLY port i hav been able to get to work is 25565 for a game server to allow ONLY one define public IP in and thats my friends IP.
The testing service was hackertarget.com and whatismyip.com
I dont know if the isp is blocking it because this morning, i found a option in the router to allow remote control via ssh on port 22, but i dont want remote control haha. but maybe i need to enable that in order for ssh to be accepted??
Its for sure the only device. The wan IP is a public ip. The ONLY port i hav been able to get to work is 25565 for a game server to allow ONLY one define public IP in and thats my friends IP.
The testing service was hackertarget.com and whatismyip.com
I dont know if the isp is blocking it because this morning, i found a option in the router to allow remote control via ssh on port 22, but i dont want remote control haha. but maybe i need to enable that in order for ssh to be accepted??
thanks
If the router has an sshd available, then it's going to intercept access to port 22 and not pass it to your server.
You should be able to access your server via port 22 from within the network, yes? Why do you want to access it from outside?
You were asked about port forwarding, but haven't yet responded. Did your neighbor give you access to the router configuration so that you can do port forwarding? You imply that you do have that access, so use that.
You've also not told us what flavor of Linux you're using on the server. Please do that.
ISP's block access to some ports on residential routers because they don't want residential customers providing public services. There are several good reasons for this, but the main one is probably that they want business customers to pay business rates. It is what it is. It's a policy I agree with, since it causes folks to come to companies like mine to have there public services hosted.
If the router has an sshd available, then it's going to intercept access to port 22 and not pass it to your server.
You should be able to access your server via port 22 from within the network, yes? Why do you want to access it from outside?
You were asked about port forwarding, but haven't yet responded. Did your neighbor give you access to the router configuration so that you can do port forwarding? You imply that you do have that access, so use that.
You've also not told us what flavor of Linux you're using on the server. Please do that.
ISP's block access to some ports on residential routers because they don't want residential customers providing public services. There are several good reasons for this, but the main one is probably that they want business customers to pay business rates. It is what it is. It's a policy I agree with, since it causes folks to come to companies like mine to have there public services hosted.
i have to responded, multiple times about port forwarding, please re-read the posts. i can GET port forwarding to work on port 25565... In my OP, i state that, i also state that i have access to the router. Its a basic zyxle c3000 router, no config files, just point and click. Its not a cisco or enterprise type router. i just cant seem to get ssh to work at all threw ANY port i try.
i have also stated, if you read my posts, that its bitvise server on win 10.. you will also find out in the exact same post, why i am here on this forum.
Why does ANYONE want access to a ssh server from outside their LAN? to be able to access their files on their server. This way, i have access to my files while im in class, work, or where-ever i am. i HATE carrying my school books around all the time, my thumb drives full of cnc files, models, etc. so having them available online is nice, especially since i dont have to trust another company with my stuff.
According to their Internet Service Disclosure policy the only specific ports they block is 25 and 1900. It does say they can block any port necessary to protect their customers from exploitation and fraud.
Are you trying to access your server using the public IP from outside or within your LAN. Many routers can not or disable NAT loopback. Try accessing the server from outside your ISP's network. As stated if remote access is enabled it could be blocking your server. Have you tried changing bitvise port number from 22 to something else? I guess you have...
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.