Re: Port forwarding and ssh

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I have a simple adsl router and gateway on the configuration i can allow
to forward port 22 to a specific machine. But when i try to connect by
ssh the machine from outside i have this answer : ssh: connect to host
toto.homeip.net port 22: Connection refused. I disable the firewall to
make some tries but the same. Is there a special configuration for ssh
to allow this ?

Eric 

You have (at least) two separate problems.  One is that your address
at toto.homeip.net is not a valid public address.  Did you set this
manually at dyndns.org?  If so, you should find out your public IP,
e.g. by visiting http://www.whatismyip.com/ from a PC on your LAN,
log into dyndns.org, and set the correct address.  If you are using
dynamic DNS client software, it is not working properly.
Your public address is not 192.168.x.x or 10.x.x.x .

Be aware that most NAT routers don't work correctly when you try
to connect to their public address from their own LAN.  So
"ssh toto.homeip.net" from your own LAN is not a valid test, even
after you have fixed the name to refer to the correct address.
Instead, if you can log into an account on a remote machine, try
testing ssh from there.  Or, have a friend test for you, or use a
dialup account from another PC.

I suspect that you might have two NAT boxes in cascade.  Are
your router and ADSL modem separate boxes?  What is the make
and model of each?  Who is your ISP?  Are you in 'zone dégroupée'?
If you go into the web interface of your router, can you find
the WAN address?  Is it 10.0.0.2 or similar?  If so, your ADSL
modem could be doing NAT, too!  In that case, you will have to
configure port forwarding on it also.

The other possibility is that your modem is connected by
PPTP or PPPoE.  If you need a user name and password to
connect to the Internet, this is probably the case,
and 10.0.0.2 is just used as an address for linking to
the modem.  The old Alcatel modems supplied by Wanadoo
were like that (they had IP 10.0.0.138) .  In this situation,
you will see the real (public) IP address in your router status.

Good luck,

Stewart

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux