> I have a single-Ethernet port DSL modem hooked up to a router which then > connects to two boxes running Linux. I'm not using the DHCP server > built in to the router -- both boxes have explicitly assigned IP > addresses, 192.168.1.11 and 192.168.1.12 which appear in /etc/hosts. I > want to set up port forwarding to allow ssh from the outside to > 192.168.1.11 on port 22. I've set the Fedora firewall "security level" > to "high" while allowing for the exception of incoming ssh. What modem do you have exactly? I've used the GVC BB0050 and the Speedtouch 510 which both feature DHCP and PPPOE mode or bridged mode. Bridged mode is where the modem is just a plain old dumb modem and requires either a router to bring the connection up, or the modem is hooked directly to a computer and you run some sort of PPPOE software on the computer. > Both the modem and the router have screens for setting port forwarding. > My question is: do I have to set one or the other or both? For example, > do I need to set the modem to forward port 22 to the router, and then to > set the router to forward port 22 to the 192.168.1.11? Well it depends on how the modem and router are configured. You could probably do away with the router since the modem supports forwarding and PPPOE mode natively, or you can put it back in bridged mode and let the router do the forwarding. The router will quite likely be easier to set up and possibly more reliable, but the root answer is no, you don't need to do both. You only need to do one depending on your setup. Hope this helps. -=/>Thom