Re: I cannot ssh from wan/lan to my pc behind a home server
Luis,
I'm sure it must be a problem of Nat but if you look at the output
of "iptables -t nat -L -n -v" you can read this line (a bit mixed up!):
Chain PREROUTING (policy ACCEPT 1081 packets, 70666 bytes)
> > pkts bytes target prot opt in out source
> > destination 0 0 DNAT tcp -- eno1 *
> > 0.0.0.0/0 192.168.1.120 tcp dpt:2222
> > to:192.168.3.1:2222
in my very very low knowledge, it should do Nat! But it doesn't :-(
Thanks,
Aldo :-)
On Wed, 7 Feb 2018 17:47:30 -0300
Luis <luislopez72@gmail.com> wrote:
> Aldo,
>
> "Router" and "My PC" are not in the same network. Does your "File
> Server" do NAT ??
>
> Luis.-
>
>
> On 07/02/18 16:41, Aldo Maggi wrote:
> > I'm having problems with ssh from the Wan while contacting my Pc in
> > the Lan.
> >
> > It worked when I just had to go through the Router provided by the
> > ISP but problems arose when I've decided to use a small server
> > which I want to use as file server for our family Pc's, Laptops and
> > smartphone + for transferring there the webserver where I have my
> > blog. My home lan (limiting it to my Pc) is as follows:
> >
> >
> >          WAN
> >           |
> >      ----------
> >      | Router |
> >      ----------
> >           | 192.168.1.1
> >           |
> >      eno1 | 192.168.1.120
> >   ----------------
> >   |              |
> >   |  File Server |
> >   |              |
> >   ----------------
> >      eno2 | 192.168.3.1
> >           |
> >    enp2s0 | 192.168.3.100
> >   ----------------
> >   |              |
> >   |    My Pc     |
> >   |              |
> >   ----------------
> >
> > From the File Server I can ssh my pc on port 2222
> > From the lan (which is in 192.168.1.0) it is not possible to ssh
> > my pc which is in the 192.168.3.0 net
> >
> >
> > File Server:
> > (in "ufw status" output I have left only what I have thought to be
> > of interest)
> > root@Casa-mia-1:~# ufw status
> > Status: active
> >
> > To                         Action      From
> > --                         ------      ----
> > 22/tcp                     ALLOW       Anywhere
> > OpenSSH                    ALLOW       Anywhere
> > SSH                        ALLOW       Anywhere
> > Anywhere                   ALLOW       192.168.3.100
> > Anywhere                   ALLOW       192.168.3.0/24
> > 2222/tcp                   ALLOW       Anywhere
> > 22/tcp (v6)                ALLOW       Anywhere (v6)
> > OpenSSH (v6)               ALLOW       Anywhere (v6)
> > SSH (v6)                   ALLOW       Anywhere (v6)
> > 2222/tcp (v6)              ALLOW       Anywhere (v6)
> >
> >
> > root@Casa-mia-1:~# iptables -t nat -L -n -v
> > Chain PREROUTING (policy ACCEPT 1081 packets, 70666 bytes)
> >  pkts bytes target     prot opt in     out     source               destination
> >     0     0 DNAT       tcp  --  eno1   *       0.0.0.0/0            192.168.1.120        tcp dpt:2222 to:192.168.3.1:2222
> >
> > Chain INPUT (policy ACCEPT 21 packets, 2919 bytes)
> >  pkts bytes target     prot opt in     out     source               destination
> >
> > Chain OUTPUT (policy ACCEPT 125 packets, 8738 bytes)
> >  pkts bytes target     prot opt in     out     source               destination
> >
> > Chain POSTROUTING (policy ACCEPT 125 packets, 8738 bytes)
> >  pkts bytes target     prot opt in     out     source               destination
> >   885 56073 MASQUERADE all  --  *      eno1    192.168.3.0/24       0.0.0.0/0
> >
> > root@Casa-mia-1:~# cat /etc/ufw/sysctl.conf |grep -i ip_forward
> > net/ipv4/ip_forward=1
> >
> > My Pc:
> >
> > root@aldomaggi:~# iptables -t nat -L -n -v
> > Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
> >  pkts bytes target     prot opt in     out     source               destination
> >
> > Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
> >  pkts bytes target     prot opt in     out     source               destination
> >
> > Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
> >  pkts bytes target     prot opt in     out     source               destination
> >
> > Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
> >  pkts bytes target     prot opt in     out     source               destination
> >
> > root@aldomaggi:~# cat /etc/ssh/sshd_config |grep -i port
> > #Porta non standard 2222
> > Port 2222
> >
> > I thank you in advance for any help you can give me!
> >
> > Aldo :-)
> >
> >
> >
> >
>
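
A check of the PREROUTING row quoted in this thread against the addresses in the diagram, as an added example that is not part of any poster's message. The listing is the row from the post joined onto one line (constructed), the function names are hypothetical, and it assumes the forward is meant to reach sshd on "My Pc" at 192.168.3.100:2222.

```python
import re

# Addresses taken from the diagram in the post.
FORWARDER_ADDRS = {"192.168.1.120", "192.168.3.1"}  # File Server: eno1, eno2
SSH_HOST = ("192.168.3.100", 2222)  # assumed intended target: "My Pc", sshd Port 2222

# The PREROUTING listing from the post, with the wrapped row joined (constructed).
LISTING = """\
Chain PREROUTING (policy ACCEPT 1081 packets, 70666 bytes)
 pkts bytes target prot opt in out source destination
    0     0 DNAT tcp -- eno1 * 0.0.0.0/0 192.168.1.120 tcp dpt:2222 to:192.168.3.1:2222
"""

# One DNAT row of `iptables -t nat -L -n -v`; counters may carry a K/M/G suffix.
ROW = re.compile(
    r"^\s*(?P<pkts>\d+[KMG]?)\s+\S+\s+DNAT\s+(?P<prot>\S+)\s+\S+\s+(?P<inif>\S+)\s+\S+"
    r"\s+(?P<src>\S+)\s+(?P<dst>\S+)\s.*?dpt:(?P<dport>\d+)\s+to:(?P<to_ip>[\d.]+):(?P<to_port>\d+)"
)

def parse_dnat(listing):
    """Return one dict per DNAT row found in the listing."""
    return [m.groupdict() for m in map(ROW.match, listing.splitlines()) if m]

def check_rule(rule, own_addrs, intended):
    """Compare one parsed DNAT rule with the intended (ip, port) target."""
    findings = []
    target = (rule["to_ip"], int(rule["to_port"]))
    if rule["to_ip"] in own_addrs:
        findings.append(f"to:{rule['to_ip']} is an address of the forwarding host "
                        "itself, so matched packets are delivered locally, not forwarded")
    if target != intended:
        findings.append(f"target {target[0]}:{target[1]} differs from the intended "
                        f"{intended[0]}:{intended[1]}")
    if rule["pkts"] == "0":
        findings.append("packet counter is 0: nothing has matched this rule so far")
    return findings

if __name__ == "__main__":
    for rule in parse_dnat(LISTING):
        print(f"DNAT in={rule['inif']} dst={rule['dst']} dport={rule['dport']}")
        for finding in check_rule(rule, FORWARDER_ADDRS, SSH_HOST):
            print("  -", finding)
```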