On Mon, 2004-10-25 at 04:23, Stewart Nelson wrote: > > My gripe comes when I try to SSH to my FC2 box from my laptop, going > > through the Internet (ssh <external-router-ip>) > > Most NAT routers don't work properly when you connect to a (forwarded) > port on their public IP from a host on their own LAN. > Would like to understand which NAT routers don't work and how they fail. I have found different NAT routers respond differently. For instance, using a standard Linksys NAT router and a Netgear FVS 318 router (has VPN support) produced different results. Systems connecting from the LAN using the public IP address on the Linksys router would have their packets redirected to the LAN retaining their local IP address as the source. The Netgear router would actually translate the source address to the public IP address. This had some interesting implications for SMTP and relaying for LAN based clients that were configured such that the used the public IP address of the SMTP server. I attribute this difference to slightly different interpretations of the specs, the one device performs the NAT prior to routing the packet back to the LAN while the other device either recognizes the packet remains on the LAN or reverses the NATing prior to sending the packet on to the destination. As to why a NAT router would cause a slow down for ssh I don't know. With the various linksys and netgear devices I have used I have not seen a slow down in connectivity when using ssh, and I use ssh extensively both locally and remotely. -- Scot L. Harris webid@xxxxxxxxxx No wonder Clairol makes so much money selling shampoo. Lather, Rinse, Repeat is an infinite loop!
