I have a local LAN set up with the router (a fancy Linksys) providing DHCP and a file and mail server doing DNS via dnsmasq. I have a dynamic IP provider, so I can, in principle, access the server from outside my LAN with the same name (which is set in its /etc/hosts file). To make this work, I need to set up port forwarding for POP3 and SSH, and it all worked fine with my previous, low-end, D-Link router.

I changed router, since WiFi coverage was really lousy, but now, when I set up port forwarding, accessing the server via WiFi for POP3 or SSH does not work any more, because the request is seen as coming from the router (which has no keys to exchange with the server) instead of the computer actually trying to connect. This seems also to be the case when access is requested from outside the LAN, basically making port forwarding completely useless.

I can't find anything in the Linksys interface that even remotely addresses such a problem, and, while I will try, I have no hope that their tech support will have a solution. Does anyone have a suggestion (besides going back to the old router, which I will any time I will be out of town, if everything else fails, but, gee...)

Thank you!

Can you access your server via ssh using its LAN IP address?
Are the LAN and wireless settings identical between the old and new routers?
How iare the network settings configured on the server?

Thanks. I cannot reach the server whether using its IP or its URL: from what I saw in the logs, once port forwarding is set up (for example port 22), the server believes it got a request from the router and not from the actual computer - but only if the connection is made through WiFi (wired connections have no problem), or from outside the LAN, still through WiFi (but the router shouldn't be able to tell in this last case). The only difference I can think of between the old and new router seems to be that the old one was set up with 192.168.0.x, and the new one as 192.168.1.x. I can move it to 0.x, but I doubt that has anything to do with anything.

The router is in charge of DHCP, but the server has a reserved assignment. The server uses dnsmasq to handle DNS. The idea is that in this way when my laptops try to reach it from within the LAN, the server checks its /etc/hosts file, where the URL is assigned to its fixed local IP. When I try to reach it from outside, No-IP translates the URL to my external IP and port forwarding should finish the job. The server uses Google's DNS servers to route requests from inside the LAN. It has always worked seamlessly until now - it even worked with this router for a while. I didn't notice any event that I could think caused this problem, but who knows.

Please post the model numbers of the old and new router.

I assume that you have not configured any sort of DMZ or guest network etc. in the router? Ignoring DMZs or guest networks I would expect with a typical home router that any device on the LAN should be able to connect to any other device regardless of whether it connected wired or wireless. I assume that wireless devices can connect to the internet.

I would check the wireless configuration settings in the router.

Thank you for your comments. I did not set up a DMZ, but I did open guest accounts (the router is a Linksys EA8500, with both 2.5 and 5 MHZ bands). However, turning the guest accounts off did not change anything: ssh over WiFi is still inaccessible if port forwarding is in place, but is fine if it is not

By the way, the D-Link router is a DIR-601 (2.5 MHz only). I used a few range extenders with it. I haven't tried to put it back in service yet, but over several years it never caused any such problem.

Not sure it will help but do you have the latest firmware installed?
http://www.linksys.com/us/support-ar...icleNum=156300

Thanks, but, yes, the firmware has the number you quote. For what it's worth I attached a snapshot of the firewall rules on the router, which I haven't touched.

Attached Thumbnails

 

I did glance at the manual but that didn't offer much help. Have you tried plugging your laptop into the router to see if you can access the server wired. Try with the server's LAN IP address and if that works use your WAN address.

Thank you again! Yes, wired connections have no problem, whether port forwarding is on or not. Can't figure out how that could be the case, but that's what happens. And, quite surprisingly to me, even if I ssh'd with the LAN IP, the log file shows that it was received as a request from the router when port forwarding was on (as already noted, it works fine if the request is over a wired connection, or if port forwarding is off).

It looks like a wireless problem with your router. What, I have no idea.

Well, I have to apologize for raising this problem, when it turns out that it was due to a very dumb mistake on my part (mainly because I clearly have very fuzzy comprehension of how DNS works). I had, foolishly, added external DNS resolvers on my router (besides the local mail/ssh/DNS server), and forgotten about them. Deleting them seems to have solved the problem. Apparently, the extra resolvers took over and presented the access request as coming from my router. I don't know why this should happen, of course. Thank you for your patience.