SSH "Connection Refused" problem when there is no firewall/router involved in Fedora4
Hi there everyone
this has been really frustrating, I have been googling online and haven't found a solution yet. I am using a Verizon DSL modem and have my Fedora 4 machine connected to a hub that is directly connected to the modem. I have no firewall on my Fedora 4 and I have checked the iptables and Security Level from Systems Settings. There should not be any port restrictions on the hub(a physical layer device, not a router) and the DSL modem. Thus, I do not know understand why I can ssh locally with "ssh localhost" but cannot from any other external machine. I have gone to a site like www.whatismyip.com to figure out my external IP and that does not work. When I ssh to that IP, I keep getting port 22 Connection refused. I only have one network interface on my Fedora 4, and when I do ifconfig eth0, I get : inet addr:192.168.1.45 Bcast:255.255.255.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:28790 errors:0 dropped:0 overruns:0 frame:0 TX packets:32197 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:8862981 (8.4 MiB) TX bytes:3830715 (3.6 MiB) Interrupt:10 Base address:0x8000 and the inet addr here does not match that of the external IP. When I do "nmap localhost" I get: Interesting ports on localhost.localdomain (127.0.0.1): (The 1659 ports scanned but not shown below are in state: closed) PORT STATE SERVICE 22/tcp open ssh 25/tcp open smtp 111/tcp open rpcbind 631/tcp open ipp Nmap finished: 1 IP address (1 host up) scanned in 1.043 seconds HOWEVER, when I do "nmap (my external IP)" I get : All 1663 scanned ports on (external IP) are: closed Nmap finished: 1 IP address (1 host up) scanned in 1.083 seconds So does this mean there is still some problems with the Fedora 4 or is there some form of restriction on the DSL modem? I have tried to plug the Fedora machine directly to the modem and the same thing happens. By the way, I just installed Fedora 4 brand new on this machine. Please share your thoughts, thanks in advance! |
hi there.are you using modem router? Maybe there is a firewall enabled on the modem. There isnt anything wrong on Fedora 4. Maybe you can check what's ur box is listening on by issuing this command :-
[root@pbr tcpip]# netstat -tunlp It supposed to show this :- ... tcp 0 0 :::22 :::* LISTEN 12996/sshd ... which means sshd is ready to accept request from anywhere providing that no firewall is blocking it. |
Hi there,
I tried "netstat -tunlp" and it shows: Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:32769 0.0.0.0:* LISTEN 1569/rpc.statd tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1551/portmap tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 1880/cupsd tcp 0 0 127.0.0.1:5335 0.0.0.0:* LISTEN 1865/mDNSResponder tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1945/sendmail: acce tcp 0 0 :::22 :::* LISTEN 2896/sshd udp 0 0 0.0.0.0:32768 0.0.0.0:* 1569/rpc.statd udp 0 0 0.0.0.0:897 0.0.0.0:* 1569/rpc.statd udp 0 0 0.0.0.0:68 0.0.0.0:* 8414/dhclient udp 0 0 0.0.0.0:68 0.0.0.0:* 7088/dhclient udp 0 0 0.0.0.0:5353 0.0.0.0:* 1865/mDNSResponder udp 0 0 0.0.0.0:111 0.0.0.0:* 1551/portmap udp 0 0 0.0.0.0:631 0.0.0.0:* 1880/cupsd So, yea, there is no firewall on Fedora 4 indeed. By the way, I was looking on google on my Verizon DSL modem, which is a Westell 6100, and I found out that I can log onto it at 192.168.1.1 , but it says that there is no firewall on it too. However, I do see that Private LAN DHCP is enabled which is why my Fedora 4 gets assigned and IP like 192.168.1.45 which is within a range of available private LAN IPs specified there. Public LAN DHCP is , however, disabled, but what is the difference between public and private LANs here? Thanks! |
Private IPs are not routable across the web. Apparently your modem is acting as a NAT device, so for this to work you will have to forward requests to port 22 from the modem / NAT device to the local machine's IP.
|
Yea,
I will definitely try that. So it seems like the output of the nmap command is determined by what the modem filters then. Thanks |
I also want to mention - running nmap against localhost does not really tell you much. Not all services are attached to the loopback interface.
|
All times are GMT -5. The time now is 04:24 PM. |