Kilzool wrote:ndowens04 wrote:I have a netgear router. Like I said I looked at the port forwarding crap and looked at the ssh wiki. I tired changing port for ssh and it gave connection refused. I am using a dynamic DNS and I pinged the URL and it does list my ip address so I know it isn't anybody else's IP. I am even trying to use vsftpd and I can't connect to that either. It seems to me my connections are being blocked by router or doesn't understand that it is suppose to forward to a certain pc and it blocks it instead
I have tried connecting to it through this phone when it is on 3g instead of the network and it is the same issue.
Try this:
On the server machine, where you 'sudo ufw allow SSH'
Verify this by: 'sudo iptables -L -n | grep -i ssh'
You should see something like: ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 /* 'dapp_SSH' */If you see this, then this machine is open to the internet for SSH connections.
Now, make sure you start your SSH server.
Now, this handy little code piece finds your actual IP#
wget http://checkip.dyndns.org/ -O - -o /dev/null | cut -d: -f 2 | cut -d\< -f 1
Now if you can 'ssh 192.168.x.x' (assuming 192.168.x.x is your internal server machine), successfully, try
the next command, 'ssh YOUR-IP' (using the actual IP# from the above WGET code).** Your router should have an option to toggle NAT Filtering.
I get, from iptables -L | grep ssh, this:
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT udp -- anywhere anywhere udp dpt:sshSo it doesn't seem to be a issue with the firewall on server.
I always thought iptables needed a port #, not a service name.
But assuming yours is fine....
OK, so on your router, you have PORT 22 (TCP/UDP) enabled, to redirect to your server IP#.
(Port Forwarding)
You have a dynamic IP#.
So you should be able to SSH from any machine to your server.
FTP is PORT 21. I'm not sure what port VSFTP uses for secure ftp.
With WAN NAT Redirection filter on, you wouldn't be able to ssh (your server's dynamic IP), but you can ssh to it's internal 192.168.x.x ip.
From another location, you should be able to SSH to your Dynamic IP#, and it would redirect to your server IP#.
If connection refused is still happening.. we must look into your SSHD configuration.
]]>ndowens04 wrote:I have a netgear router. Like I said I looked at the port forwarding crap and looked at the ssh wiki. I tired changing port for ssh and it gave connection refused. I am using a dynamic DNS and I pinged the URL and it does list my ip address so I know it isn't anybody else's IP. I am even trying to use vsftpd and I can't connect to that either. It seems to me my connections are being blocked by router or doesn't understand that it is suppose to forward to a certain pc and it blocks it instead
I have tried connecting to it through this phone when it is on 3g instead of the network and it is the same issue.
Try this:
On the server machine, where you 'sudo ufw allow SSH'
Verify this by: 'sudo iptables -L -n | grep -i ssh'
You should see something like: ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 /* 'dapp_SSH' */If you see this, then this machine is open to the internet for SSH connections.
Now, make sure you start your SSH server.
Now, this handy little code piece finds your actual IP#
wget http://checkip.dyndns.org/ -O - -o /dev/null | cut -d: -f 2 | cut -d\< -f 1
Now if you can 'ssh 192.168.x.x' (assuming 192.168.x.x is your internal server machine), successfully, try
the next command, 'ssh YOUR-IP' (using the actual IP# from the above WGET code).** Your router should have an option to toggle NAT Filtering.
I get, from iptables -L | grep ssh, this:
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT udp -- anywhere anywhere udp dpt:ssh
So it doesn't seem to be a issue with the firewall on server.
]]>I have a netgear router. Like I said I looked at the port forwarding crap and looked at the ssh wiki. I tired changing port for ssh and it gave connection refused. I am using a dynamic DNS and I pinged the URL and it does list my ip address so I know it isn't anybody else's IP. I am even trying to use vsftpd and I can't connect to that either. It seems to me my connections are being blocked by router or doesn't understand that it is suppose to forward to a certain pc and it blocks it instead
I have tried connecting to it through this phone when it is on 3g instead of the network and it is the same issue.
Try this:
On the server machine, where you 'sudo ufw allow SSH'
Verify this by: 'sudo iptables -L -n | grep -i ssh'
You should see something like: ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 /* 'dapp_SSH' */
If you see this, then this machine is open to the internet for SSH connections.
Now, make sure you start your SSH server.
Now, this handy little code piece finds your actual IP#
wget http://checkip.dyndns.org/ -O - -o /dev/null | cut -d: -f 2 | cut -d\< -f 1
Now if you can 'ssh 192.168.x.x' (assuming 192.168.x.x is your internal server machine), successfully, try
the next command, 'ssh YOUR-IP' (using the actual IP# from the above WGET code).
** Your router should have an option to toggle NAT Filtering.
]]>seems to me my connections are being blocked by router
Run e.g. iptraf or wireshark (or even iptables logging) on the Linux server, to see if the packets are being forwarded by the router.
]]>I have tried connecting to it through this phone when it is on 3g instead of the network and it is the same issue.
]]>if you are trying to connect using your external ip address from inside the network, many home routers do not support it. I have been stuck with the same issue before. Try connecting from a friend's house and see if it will work. I am no networking guru but AFAIK, to do what you want, you need a router with "nat hairpinning" feature. If you have a d-link router, you might be in luck. Check this
]]>