
Re: ssh tunnelling testing [solved]



On 2020-12-07 14:23, john doe wrote:
On 12/7/2020 8:11 PM, Gary Dale wrote:
On 2020-12-07 14:03, john doe wrote:
On 12/7/2020 7:54 PM, Gary Dale wrote:
On 2020-12-07 13:24, john doe wrote:
On 12/7/2020 6:38 PM, Gary Dale wrote:


(actually through the /etc/hosts file using the server's name).

I've set up port forwarding on both my routers (I have an inner
network
and an outer one, using the outer network for devices I don't really
control). I can access my Apache2 server on the inner network by
forwarding port 80 on the outer network to the WAN address of the
inner
router and forwarding that to my server. Pointing my browser to the
external IP address of the outer router brings up the default page -
which I can change so I know it's the actual local page. However,
when I try to ssh to the same address, it just times out.

I've compared the sshd.conf file on my local server to one on a remote
server and they are identical. The only uncommented lines are:

PasswordAuthentication no
ChallengeResponseAuthentication no
UsePAM yes
X11Forwarding yes
PrintMotd no
AcceptEnv LANG LC_*
Subsystem       sftp    /usr/lib/openssh/sftp-server


Any ideas on what's going wrong?

- This looks like your port forwarding is not working...
- What are the logs saying?
- Is the SSH server allowing access from the outside?


Note that it is unclear to me how you can test outside access from the
inside.

Your first point is what I am complaining about. The outer router
doesn't have a log function and an ssh attempt never shows up on the
inner router. As I explained in the initial post, I've set up the port
forwarding to allow it and the sshd.conf file is identical to one that
allows access from the outside.

I can test outside access from the inside by trying to connect to the
external address. As with my browser example, the request goes to the
device that has the particular IP address being sought. That is the
external port on the outer router. I can also ssh to the external port
on the inner router (which I can't think of a reason to do except for
testing). Interestingly, this works but doesn't get logged.




Sorry, I'm lost at your setup, the only thing that I can say is that
something looks to be wrong with regard to your firewall config.


The thing is the forwarding setup is the same for port 22 as it is for
port 80. I know that the port 80 forwarding is working so why isn't the
port 22 forwarding?

I still don't know the answer to that one, but when I changed the
external port to something else (on the outer router), it started
working.

Something is wrong if it works that way.

You did not use the same rule for both port 80 and 22, if yes, this
would mean that port 22 and 80 are redirected to port 80, which is not
what you want.

In other words, you need one rule per redirect port.

I didn't say I used the same rule. I said the setup is the same. Any external traffic on that port is directed to the same port on the inner router. It's kind of difficult to get that wrong.

I suspect that my ISP is using port 22 for their own purposes but didn't bother excluding it in the router's programming.



Now I just have to remember to set the -p option in ssh to
connect.



To avoid the -p option:

$ cat ~/.ssh/config
Host sshserver
    HostName <FQDN-TO-USE>
    Port <PORT-TO-USE>

$ ssh sshserver

I could, but it's not something I'm using often. If I forget, I'll be reminded when it fails to connect.
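As an added example (not from this thread), a small Python probe that tells apart the outcomes discussed above when checking your own forwarded ports from outside: a plain timeout (the SYN is dropped somewhere on the path, as with port 22 here), a refusal (the forward reaches a host, but nothing listens there), and an actual SSH identification string. start_fake_sshd, free_port and FAKE_BANNER are constructed test doubles so the probe can be exercised offline.

```python
import socket
import threading

# Constructed banner for the offline test double below; a real sshd sends
# its own "SSH-2.0-OpenSSH_..." identification string as soon as you connect.
FAKE_BANNER = b"SSH-2.0-FakeTest\r\n"


def probe(host, port, timeout=5.0):
    """Return "timeout" (no SYN/ACK: dropped or not forwarded), "refused"
    (reachable, nothing listening), "ssh:<id string>" or "open:<bytes>"."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.settimeout(timeout)
            try:
                data = s.recv(255)  # RFC 4253 caps the id string at 255 bytes
            except socket.timeout:
                data = b""  # TCP open, but the far end sent nothing
    except socket.timeout:
        return "timeout"
    except ConnectionRefusedError:
        return "refused"
    except OSError as e:
        return f"error:{e.errno}"
    text = data.decode("ascii", "replace").strip()
    return f"ssh:{text}" if text.startswith("SSH-") else f"open:{text[:40]!r}"


def start_fake_sshd():
    """Constructed test double: listen on 127.0.0.1, answer one client with
    FAKE_BANNER, then close. Returns the chosen port."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)

    def serve():
        conn, _ = srv.accept()
        conn.sendall(FAKE_BANNER)
        conn.close()
        srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]


def free_port():
    """Constructed helper: a loopback port nothing is listening on."""
    with socket.socket() as s:
        s.bind(("127.0.0.1", 0))
        return s.getsockname()[1]
```

Run it from a host outside both routers as `probe(external_address, 22)` and `probe(external_address, 80)` side by side: the thread's symptom would show as "timeout" for 22 and "open:..." for 80 while the alternate port returns "ssh:SSH-2.0-...".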
