Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
06-28-2003, 03:15 PM
|
#1
|
Member
Registered: Jun 2003
Distribution: Fedora 9 64bit, RHEL 4.6
Posts: 96
Rep:
|
Help with Port Forwarding for SSH
I am trying to access my home computer via SSH (putty) for remote locations.
I have a redhat 8 box at home with sshd running. I can access it via it's IP Address from other computers on the LAN.
I have a dynu.com domain that points to my wireless router. I am not sure what the lease time my ISP gives me, but I set up dynu utility to refresh every 5 minutes.
Because I am behind a wireless router, I assume I have to enable port 22 (ssh) to forward to my Redhat machine's IP address. I went through my router's config utility and forwarded (persistantly) port 22 to my target boxes IP. I also switched off DHCP on my router, because that would seem to nullify the port forwarding when the lease ran out.
I still cannot get putty to connect via the domain name. I get a connection refused each time.
I am sure that something I am configuring in the router is incorrect.
Here is my router's port forwarding setup:
Type=persistant
description=ssh
inbound port=22
type=tcp
private ip address=192.xxx.x.xx (my computers address)
private port=22 #I am sure this one is wrong
Anyone see where I am going wrong here? Or maybe you can elaborate on what I am misconfiguring?
Thanks
Last edited by mi6; 06-28-2003 at 03:17 PM.
|
|
|
06-28-2003, 04:13 PM
|
#2
|
Member
Registered: Jun 2003
Distribution: Fedora 9 64bit, RHEL 4.6
Posts: 96
Original Poster
Rep:
|
btw, when I ssh from my local lan and run netstat -an on the linux box I see that ports 22 and 1602 are open. Does that mean I need to port forward 1602 as well?
|
|
|
06-29-2003, 01:50 PM
|
#3
|
Moderator
Registered: Mar 2003
Location: Scotland
Distribution: Slackware, RedHat, Debian
Posts: 12,047
Rep:
|
You may need to open a firewall rule on the router and on the server machine as well.
|
|
|
06-30-2003, 01:56 AM
|
#4
|
LQ Guru
Registered: Apr 2002
Location: Atlanta
Distribution: Gentoo
Posts: 1,280
Rep:
|
you might wanna see wha is on port 1602, that's no a common port (it could be but nothing i konw about ).
|
|
|
07-29-2003, 01:31 PM
|
#5
|
LQ Newbie
Registered: Dec 2001
Location: London
Distribution: Debian Woody
Posts: 17
Rep:
|
The only way I manage to get this working was by configuring the port redirecttion table (ssh|tcp|22|<i>private ip</i>|22 meaning -> service name|protocolpublic port|private ip|private port).
I have also added made the pc on which I am running sshd a dmz host, with dmz enabled on the router.
I don't know much about the dmz and it could be that just making the pc a dmz host would have work on its own, but that's my setup right now and it works.
|
|
|
07-29-2003, 01:40 PM
|
#6
|
Member
Registered: Feb 2003
Posts: 48
Rep:
|
Quote:
Originally posted by bradut
I don't know much about the dmz and it could be that just making the pc a dmz host would have work on its own, but that's my setup right now and it works.
|
Putting it in the DMZ means it has no protection from the router. Has the same security as if you just put it directly on your inet connection.
|
|
|
07-29-2003, 01:46 PM
|
#7
|
Moderator
Registered: Mar 2003
Location: Scotland
Distribution: Slackware, RedHat, Debian
Posts: 12,047
Rep:
|
Quote:
Originally posted by penguinz
Putting it in the DMZ means it has no protection from the router. Has the same security as if you just put it directly on your inet connection.
|
In a word - "No"
You DMZ will usually have less protection than your LAN but more than the WAN. For instance if you want to receive mail from people outside your LAN they will need to be able to access your mail server. You can block access to the mail server ip appart from on port 25 if the connection comes from the WAN. However you may want to let the LAN users access a web based mail system too - in which case you would allow LAN traffic access to port 80 of the server as well.
|
|
|
All times are GMT -5. The time now is 02:05 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|