-   Linux - Networking (
-   -   ssh problem with dhcp router (

jewelshaw 09-09-2006 03:55 AM

ssh problem with dhcp router
Hello,every one,
I'v a problem when sshing to a remote host A(192.168.168.a),which is a internal workstation behind a router B(202.x.29.b).I'm now assigned an address C(192.168.0.c),by a dhcp router D(202.x.24.d).
I can ping through the gateway 202.x.29.1, 202.x.24.1 ,router B and D,yet I can't add all the routes with the error message "SIOCADDRT: Network is unreachable".When I was formerly in 202.x.29.1 segment,ssh worked perfect with route B.

Below's my tracepath:
jwshaw.punch@16:41:04:\> tracepath 202.x.29.b
1: ( 0.265ms pmtu 1500
1: ( 0.722ms
2: 202.x.24.1 (202.x.24.1) 1.949ms
3: 202.x.29.b (202.x.29.b) 2.337ms reached
Resume: pmtu 1500 hops 3 back 3
And ifconfig
eth0 Link encap:Ethernet HWaddr 00:16:36:3F:6E:91
inet addr: Bcast: Mask:
RX packets:9323 errors:0 dropped:0 overruns:0 frame:0
TX packets:9166 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:7849626 (7.4 Mb) TX bytes:2052827 (1.9 Mb)

Thank you in advance

rupertwh 09-09-2006 05:02 AM

Hi Jewelshaw,

if I understand you correctly, you are trying to route packets to a private address (192.168.x.x) through the Internet. That won't work.
You will have to set up a tunnel between routers B and D, preferably by way of a VPN.



jewelshaw 09-09-2006 06:42 AM

You caught the point.Actually I used to ssh to the host A(192) through the router B(202) when I was assigned directly in the 202 segment, without VPN. Well, Can I make a tunnel between B and D,without VPN,'cause as a unix host itself, should router B run a VPN server?
Or else I was totally wrong about VPN?


jewelshaw 09-09-2006 06:57 AM

By the way,I can ssh to router B, and on host B,ssh to workstation A. Does it imply anything?

rupertwh 09-13-2006 04:34 AM

Hi Jewelshaw,

that "ssh-hopping" will of course work. But it doesn't imply anything with respect to the routing. No packet is actually routed from you to A.

In order to route traffic from C to A, you will have to setup a VPN. If both routers B and D are Linux machines then it won't be much of an issue. I'd suggest openswan, which is pretty easy to set up.

Basically you can choose between either:
- tunnel between routers B and D which will connect your two private networks. This will be the most comfortable solution, if possible.
- tunnel from your workstation C to remote router B. That way, just your workstation will be able to communicate with the network behind B.

( a direct tunnel from C to A would obviously not work, as that would just put you back to square one...)


All times are GMT -5. The time now is 03:19 PM.