Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
If you can log in/access from your LAN, it's unlikely that it is the host-based firewall that stops access from the WAN. Are you sure that traffic from outside actually reaches your server? You might want to describe your setup a bit more in detail, but as a test, run
tcpdump -i eth0
and then try accessing the machine from outside. See if you get any packets in the first place.
BTW, opening port 21 is not enough for ftp, but since this poses such a security risk anyway, you are better off using ssh and scp only if you can.
Go to your Linkys' admin page. Forget about DMZ games. Do not set a DMZ host.
Go to Advanced -> Forwarding.
Add "service port" =22 and the IP of your server. That will route incoming ssh traffic to your box. (I assume that your server has a static IP on your LAN, it must have one, can't forward to a DHCP address.) Then try ssh'ing in.
If your service contract forbids running a web server, your cable provider will most likely have blocked port 80 upstream. You will need to set up your server at a higher port (8080 or so). Don't tell them I said that.
Again, DO NOT open ftp to the WAN. Too risky. Use scp. If you do, tell me your IP, I could need another machine at my disposal :-)
Did you do the test shutting down the firewall and then try? With the tcpdump running?
If the only remaining explanation is your ISP, then find another high-numbered port, such as 13789, let the Linky forward it to your server, and start sshd on that port. Watch with tcpdump when you ssh in from the WAN.
Just for completeness, could you post you iptables config?
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.