Need Some Port Forwarding Help

cin_ · 08-27-2012, 11:39 AM

I have a network that is laid out as such:

Code:

[IP Gateway]==={Router}--{Server}
     ||
{Personal Computer}

Basically, I have an IP Gateway that brings the connection in. From here I have two hardwired connections. The first runs to a wireless router, and the second runs to my personal computer.
Hardwired to the wireless router is a server offering up http and ssh accesss.

What I want is remote access from my computer to the server.
What I am getting is http access without ssh access.

The Gateway leases IPs of the 10.1.10.* variety and the router leases out 192.168.11.*.

That means my personal computer has an IP of 10.1.10.17, and the server has an IP of 192.168.11.13, and the router has an IP of 10.1.10.109.

The Gateway has no special configuration as per this interest. I assumed internal business like this would not require it since there is no need for access outside of the network itself.

The Router has Port Forwarding of port 80,8000,and 22 set to the 192.168.11.13 address.
There appears to be no firewall settings activated on the Gateway or the Router.

From my computer if I type http://192.168.11.13 I get my Apache2 server just fine, but when I try to ssh into the same IP I get a connection timed out error.

I want to resolve the ssh issue, but also what I am confused on is why http would work and ssh would fail.
Theoretically I thought I'd have to send my requests to the router's IP,10.1.10.109, and the router would forward me through to the necessary local IP,192.168.11.13, but instead I just send out the local IP and I get the server I want.
Hows am I missing...?

The gateway is : Comcast Business IP Gateways :: SMC8014
... the manual ... http://www.smc.com/index.cfm?event=d...rtNumber=false
The Router is : Buffalo Air Station NFiniti High Power Giga :: WZR-HP-G300NH
... the manual ... http://cdn.cloudfiles.mosso.com/c850...Manual_web.pdf

pix9 · 08-27-2012, 04:19 PM

I have few questions which I think might help you or me to solve the problem.

1) is sshd running on server?

2) if sshd is running on server. then is there any firewall blocking the traffic to it?

3) how is your router configured to do port forward ?

thank you
regards

suicidaleggroll · 08-27-2012, 04:35 PM

The whole post makes sense, except for this:

Quote:

Originally Posted by cin_

From my computer if I type http://192.168.11.13 I get my Apache2 server just fine

For this exact reason:

Quote:

Originally Posted by cin_

Theoretically I thought I'd have to send my requests to the router's IP,10.1.10.109, and the router would forward me through to the necessary local IP,192.168.11.13, but instead I just send out the local IP and I get the server I want.

What happens if you try to connect to the router address at 10.1.10.109 via both http and ssh?

cin_ · 08-27-2012, 04:40 PM

pix9
(i) Yes, I have access to it if I have a computer hard wired to the router or on the router's wireless network. That is to say within the 192.168.11.* range.
(ii) Not that I know of. Everything seems set to be as open as possible... unless there is something I am missing.
(iii)

Code:

Port Forwarding Registration Information
Group,Internet Side IP Address,LAN Side IP Address,Protocol,LAN Side Port
http2, AirStation’s Internet IP Address, 192.168.11.13, TCP Port:8000, TCP Port:8000
http1, AirStation’s Internet IP Address, 192.168.11.13, HTTP (TCP Port: 80), HTTP (TCP Port: 80) 		
ssh, AirStation’s Internet IP Address, 192.168.11.13, SSH (TCP Port:22), SSH (TCP Port:22)

cin_ · 08-27-2012, 04:49 PM

suicidaleggroll, I agree completely. This is what is so troubling.

If I try to connect to the routers 10.1.10.109 address I get server not found in the browser, http, and port 22: connection timed out with ssh. Very strange.

Again, allow me to reiterate:
From within the router's network, ie the 192.168.11.*, I can use both http and ssh.
From without the router's network but within the gateway's I can somehow use the router's local address for the server, ie 192.168.11.13 to see the http, but it fails to work on the ssh as well as the router's IP address failing for both http and ssh.

suicidaleggroll · 08-27-2012, 04:53 PM

Can you reach the server from within the router's 192.168.11.* network, by going to the router's public address 10.1.10.109?

cin_ · 08-28-2012, 03:02 AM

Okay the strange functionality seems to have stopped, but the problems persist.

Now when I type in the local IP outside of the router's network I am greeted with a server not found.

suicidaleggroll, if I type the 10.1.10.109 into the router's local network then I get the router's configuration page. The same as it's 192.168.11.1 IP.

gsahli · 08-30-2012, 05:31 PM

Sorry I didn't reply sooner - wasn't sure if you want to do what you're doing ! ...
You have a nested network - the router is an isolated network of its own. Since both routers are doing DHCP (giving out IP addresses), it is safe to assume they have a firewall on.
You will make your life simpler by making "the router" a bridge. That means only the "IP gateway" will be providing IP addresses, (DHCP service) and all computers/devices will be in the same subnet.
Different brand routers have differing ways to do this (read the manual) -
some will have a clear setup option for bridge mode; some will require you to turn off DHCP and connect your ethernet input to one of the LAN (normally output) jacks and not use the WAN (normally input) jack.

Of course, if I've misunderstood the purpose of what you're doing - let us know!

JJJCR · 08-31-2012, 05:32 AM

hi cin, basically you have two routers right?

one that is connected to the public ip and the other router is your wireless router? do i understand correctly?

why i said you have two routers, because you got two types of private ip. 192.168.x.x and 10.x.x.x

can try to elaborate further, you cannot connect from 192.168.x.x network to 10.x.x.x?