Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

SSH and port forwarding problem

  • 01-11-2019 5:51pm
    #1
    Registered Users, Registered Users 2 Posts: 4,196 ✭✭✭


    Hi all,
    I recently had my router upgraded by Imagine (in the middle of nowhere so Imagine is my only option) and I can't get port forwarding to my SSH box working.

    When I try and connect from an external box it just times out.

    I have also tried to forward 2230->22 in case the port is reserved but no luck.

    FTP and my security cams are working fine but not SSH.

    I can SSH internally no problem and I've checked the gateway on the SSH box is correct.

    I enabled a HTTP server briefly on the SSH box on 8080 and forwarded that and I could connect to it externally, so I know the path is correct.

    Any ideas ??


Comments

  • Closed Accounts Posts: 4,456 ✭✭✭The high horse brigade


    Are your sure you have a unique ipv4 address and are not behind local NAT?


  • Registered Users, Registered Users 2 Posts: 36,170 ✭✭✭✭ED E


    Yep, you're forwarding from the routers internal range, not your public which the antenna leases. You have to call imagine, they dont provide access to users.


  • Closed Accounts Posts: 5,017 ✭✭✭tsue921i8wljb3


    Try changing the SSH server box port away from 22 perhaps? So use a non-standard external and internal port for SSH. That is just a guess on my part though.


  • Registered Users, Registered Users 2 Posts: 4,196 ✭✭✭deadl0ck


    Are your sure you have a unique ipv4 address and are not behind local NAT?

    Yeah - getting to the webserver I ran temporarily from an external connection means the route from the outside in to the server is OK


  • Registered Users, Registered Users 2 Posts: 4,196 ✭✭✭deadl0ck


    ED E wrote: »
    Yep, you're forwarding from the routers internal range, not your public which the antenna leases. You have to call imagine, they dont provide access to users.

    I asked about this - they said the new gear for the 5g connection is completely managed from the router and there is no firewall etc on the antenna.


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 4,196 ✭✭✭deadl0ck


    Actually - seeing as 8080 worked for the webserver I forwarded that to 22 and ran ssh in verbose mode and it's kind of connecting:
    ssh XXXXX@YYYY -p 8080 -v
    OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
    debug1: Reading configuration data /etc/ssh/ssh_config
    debug1: Applying options for *
    debug1: Connecting to YYYY [A.B.C.D] port 8080.
    debug1: Connection established.
    debug1: identity file /home/nnnn/.ssh/identity type -1
    debug1: identity file /home/nnnn/.ssh/identity-cert type -1
    debug1: identity file /home/nnnn/.ssh/id_rsa type 1
    debug1: identity file /home/nnnn/.ssh/id_rsa-cert type -1
    debug1: identity file /home/nnnn/.ssh/id_dsa type -1
    debug1: identity file /home/nnnn/.ssh/id_dsa-cert type -1
    debug1: identity file /home/nnnn/.ssh/id_ecdsa type -1
    debug1: identity file /home/nnnn/.ssh/id_ecdsa-cert type -1
    debug1: Remote protocol version 2.0, remote software version OpenSSH_5.2
    debug1: match: OpenSSH_5.2 pat OpenSSH*
    debug1: Enabling compatibility mode for protocol 2.0
    debug1: Local version string SSH-2.0-OpenSSH_5.3
    debug1: SSH2_MSG_KEXINIT sent
    
    Read from socket failed: Connection reset by peer
    


  • Registered Users, Registered Users 2 Posts: 4,196 ✭✭✭deadl0ck


    So I got it working if I run sshd on a different port - the router must be blocking on something to do with 22.....


  • Closed Accounts Posts: 5,017 ✭✭✭tsue921i8wljb3


    deadl0ck wrote: »
    So I got it working if I run sshd on a different port - the router must be blocking on something to do with 22.....

    You're welcome :rolleyes:


  • Registered Users, Registered Users 2 Posts: 4,196 ✭✭✭deadl0ck


    You're welcome :rolleyes:

    Sorry Navi - just did a quick update while still working on the box - thanks for the suggestion !!


  • Closed Accounts Posts: 5,017 ✭✭✭tsue921i8wljb3


    deadl0ck wrote: »
    Sorry Navi - just did a quick update while still working on the box - thanks for the suggestion !!

    No problem. Glad you got it working. The frustration was stemming from helping others that can't even be bothered to say thanks.


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 36,170 ✭✭✭✭ED E


    deadl0ck wrote: »
    So I got it working if I run sshd on a different port - the router must be blocking on something to do with 22.....

    Some ISPs block Telnet/SSH/SMB net wide to protect idiots from themselves. I thought it was going out of fashion but not impossible this is what Imagine are at.


  • Registered Users, Registered Users 2 Posts: 4,196 ✭✭✭deadl0ck


    ED E wrote: »
    Some ISPs block Telnet/SSH/SMB net wide to protect idiots from themselves. I thought it was going out of fashion but not impossible this is what Imagine are at.
    Well the tech guys I spoke to were adamant they didn't block 22, and it worked fine on the old router - so I reckon it could be this particular router


Advertisement