Access server from outside LAN via SSH
Hi all,
I have a home server running Debian Squeeze. This server is behind a router with a static IP. To access the Apache server, in the router I have redirected port 8888 (public) to port 80 (private) so when I type xxx.xxx.xxx.xxx:8888 (where the x's represent the router's static IP address) in a web browser from outside the LAN, it displays a home page. That works just fine.
Now I would like to access the ssh server from outside the LAN. To accomplish this, in the router I redirected port 1982 to the server's (private) port 22, but I keep getting a "Connection timed out" message in PuTTY while trying to connect to the server.
Some things to consider:
1) The sshd daemon is running on the server.
2) Iptables is not blocking any incoming connections (just to test, it's configured with an ACCEPT ALL policy).
3) The PuTTY connection is xxx.xxx.xxx.xxx:1982 (where the x's represent the same IP address as above).
4) I already checked this post where a suggestion is given but I am not quite sure as to how to implement it.
I hope I have asked this question the smart way. Any suggestions / ideas are more than welcome!
Does ssh localhost work?
Are you able to ssh in from within the same network?
Quote:
Test to see if the port is even listening and check to see if you get an SSH banner using telnet. Testing from Linux,
Code:
nmap -PN -p 1982 xxx.xxx.xxx.xxx
NOTE: If you're inside the LAN and ssh into your Debian server then you can still test against the xxx.xxx.xxx.xxx:1982 address. telnet localhost so that you know what kind of SSH banner you should be expecting. We'll proceed further once you've taken those testing steps.
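The check described in the post above (is the forwarded port reachable, and does it answer with an SSH banner?), as an added Python example that is not part of the original thread. `probe_ssh` and `demo_listener` are hypothetical names, and the listener is a constructed stand-in for sshd so the script runs offline; for the real test, call `probe_ssh` with the router's public address and port 1982.

```python
import socket
import threading

def probe_ssh(host, port, timeout=5.0):
    """Return (state, banner); state uses nmap's words: open/closed/filtered."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        # A RST came back: the path works but nothing listens on that port.
        return "closed", None
    except OSError:
        # Timeout or ICMP unreachable: packets are dropped on the way, which
        # PuTTY reports as "Connection timed out" and nmap as "filtered".
        return "filtered", None
    with sock:
        try:
            # An SSH server speaks first: "SSH-<protoversion>-<software>".
            data = sock.recv(255)
        except OSError:
            data = b""
    banner = data.split(b"\n", 1)[0].decode("ascii", "replace").strip()
    # Open but no SSH banner usually means the forward points at another
    # service (for example the web server on port 80).
    return "open", banner if banner.startswith("SSH-") else None

def demo_listener(banner=b"SSH-2.0-Constructed_Example\r\n"):
    """Constructed stand-in for sshd on 127.0.0.1; returns its port."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    port = srv.getsockname()[1]

    def serve():
        conn, _ = srv.accept()
        conn.sendall(banner)
        conn.close()
        srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return port

if __name__ == "__main__":
    print(probe_ssh("127.0.0.1", demo_listener()))
```

A "filtered" result from outside the LAN combined with "open" plus a banner from inside points at the router's forwarding rule rather than at sshd or iptables on the server.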
Quote:
Code:
Starting Nmap 5.00 ( http://nmap.org ) at 2012-07-18 11:36 ART
Code:
1982/tcp filtered unknown
At any rate I would look more closely at your router. If you try all the port forwarding settings you can, then perhaps upgrading the router's firmware will fix a known/unknown routing bug.
Quote:
Any ideas why? The router is a Dlink-600. Anyway, I'll mark this as solved, but additional insights are always welcome, so feel free to keep 'em coming. :)
It could be a firmware bug, or possibly something internally used by the router preventing you from using the port (though if that's the case it shouldn't have let you select it to begin with). Since you're running on port 22 then generically run nmap and see what services are running on your router other than 22.
Code:
nmap -PN xxx.xxx.xxx.xxx
SAM