ok, heres the deal. I've looked around the internet, even tried suggestions from linksys tech support - to no avail (of course). I have a linksys BEFSR41 router on my home network. that connects to a switch that holds computer 1 && computer 2. Eerything works internally, both computers are talking/can connect to the internet. when I loosen all the rules on the hardware firewall, i still can't ftp/ssh/telnet/etc into either computer remotely. i've tried this from school running winxp, and even under a UNIX environment...nothing. Using the SSH client at school I get this error:
"the host "xxx.xxx.xxx.xxx" is unreachable.
the host may be down or there may be a problem with the internet connection.
Sometimes such problems can be caused by a mis-configured firewall."

from the winblows dos prompt, trying ping, i get:

Request timed out.
Request timed out.
Request timed out.
Request timed out.

however, if i try to ping from computer1 (the one im trying to remotely connect to), i get the ping stats back, but telnet reports that the host dropped the connection. anything? my initial thoughts are:
a) can't connect bc the school firewall settings are holding me in, but i can ping other ip's that are connected to the school server...
-or-
b) computer 1 is replying to pings because im pinging locally (from computer 1 TO computer 1)

im at a loss... sorry if this is confusing, ask if clarification is needed.
thanks alot

Ok, so are you forwarding the appropriate port, 21, 22, 23 to the computer your are trying to talk to?

you probably wont be able to ping, cause your router is probably just dropping ping requests. Unless you've put computer1 in a DMZ... what is your router config?

Can you Ping Google.com? because if you can, then the school server probably isnt blocking you from pinging.


try pinging computer1 from computer2...
try ssh to computer1 from computer2
if either of these fail, then the services are not configured properly, or a firewall is blocking.

let me know on above.
kernelm

thanks for replying. no port forwarding, i thought that had to do with web/ftp servers. i didn't really know what that was. I dont have a DMZ, it seemed a little pointless. from the reading i've done on it, it seems like a DMZ was one computer with its ass hanging out for everyone to...do whatever to it and all the others are protected. this is true, yes? is the point of DMZ to have one computer that ANYone can connect to...including myself? im quite foggy on this kind of thing but i want to set my router up appropriatly rather than avoid it. thanks again.

btw: im not at computer 1 || 2 but i can ping 1 from 2, 2 from 1 but only locally (192.168...) but ipconfig only reveals local ip's, im on a dynamic ip and so, correct me if im wrong, but the router is assigned the ip and all the clients that connect to the router have that 1 IP? like i said, quite foggy on this...

what you need to do is set up your router to forward incoming requests to a specific machine on your network.

so if you want to ftp to local machine 192.168.1.50 (or whatever) from a machine outside your local network on the internet.
You need to set up your router to forward connections to ports 21 and 22 to machine 192.168.1.50, so then when you ftp to the Internet address of your router from a remote machine you will be forwarded to the proper machine.

Note: with linksys routers (and probably other brands) if you want to use port forwarding the machine you are forwarding to must have a static ip.

static, are you serious, damn! why does it matter how th eip address is obtained? ive got a dynamic ip through rr but it's been the same for at LEAST 2 weeks now. is just a group of numbers right? if it changes, i can always update the router config, or even make a program to periodically check the ip address and update the routers port forward if the ip changes, right?

EDIT: on further thought, why can't the router just forawrd to the local ip address?

linksys routers won't forward ports to ip's that are in it's dhcp range. look at the port forwarding section in your router's manual.

i'm not exactly sure what you mean by forward to the local ip address? i thought that was what you were trying to do.. do you mean forward everything to the one internal ip address?

um, i might be a little ignorant on this stuff at the moment. this is my idea, maybe im wrong, who knows?

REMOTE --telnet(dynamic ip)----->router---forward--->CLIENT
(192.168.1.100)


basically the router would say "telnet request, forward to 192.168.1.100"
(or ssh, ftp, etc) that is the basic idea i had of it, i dont see why it wouldnt work. im sure its a bit more complex than a talking router, but the concept....ya know. thanks

that is pretty much correct.

What you will have to do is give the machine a static ip in the range 192.168.1.2-192.168.1.99 inclusive and then configure your router to forward specific portsto that machine.

so give the machine ip 192.168.1.2, for example, and then configure your router to forward external port 23 to port 23 on 192.168.1.2

now when you telnet to your routers external address from a remote machine it will be passed on to machine 192.168.1.2

you won't get a message saying 'request forwarded' though.

you will also have to open port 23 on 192.168.1.2 to remote hosts. This is not a good idea, you should use ssh instead of telnet but i used telnet for the example.

very cool, thanks a LOT. im not home to try it but that seems logical. I was thinkin of pokin around the router config but it wouldve been pointless since i didnt really understand that options. thanks a lot for the reply, ill post back with (hopefully) success.