You are not logged in.

#1 2013-08-22 02:07:56

degmic71
Member
Registered: 2009-02-03
Posts: 122

SSH works internally over wifi, but not over router

I feel really embarassed I cannot figure this one out, and I have configured ssh years ago.  I am able to ssh via my Android device over wifi.  Details below.  Thank you in Advance!   Connect Bot follows a different "format" for connection obviously, compared to a Linux workstation.

router information
Router Name
DD-WRT_mike
Router Model
WZR-600DHP
Firmware Version
DD-WRT v24SP2-MULTI (11/04/12) std - build 20180

sshd config file
http://pastebin.com/bNnCmjay

NAT/QOS
Applicatoin: ssh ArchBoxMTD
Protocol(s): Both
Port in: 22
Port out: 22
Destination: 192.168.11.30 [my pc]

Device Information:
Android 4.2.1
Client: ConnectBot

Connection 1:
Network: Home Wifi
Connection String: "mikeyd@192.168.11.30:22"
Status:  [sucessful]

Connection 2:
Network: Verizon 4G
Connection String: "mikeyd@<router_ip>:22"
Status:  [failed]

I know there has to be something on my router, or verizon has an issue with this.  As it was several years ago, I am hoping someone here can help me out.  I searched for "ssh" "ssh verizon" and other things, but couldn't find a concrete answer, so if there is one in another post, I do apologize in advance.

Mike

Last edited by degmic71 (2013-08-22 02:39:55)

Offline

#2 2013-08-22 02:10:21

cris9288
Member
Registered: 2013-01-07
Posts: 348

Re: SSH works internally over wifi, but not over router

I hate to be the one to state the obvious, but did you set up port forwarding?

Offline

#3 2013-08-22 02:11:17

windows_me
Member
From: England
Registered: 2013-08-14
Posts: 36
Website

Re: SSH works internally over wifi, but not over router

Are you connecting to the public IP of the router (not the LAN IP), and have you opened a port on the router and mapped it to the IP of the box that you're trying to SSH into?


[10:04:21] Time for weekly full server backup.
[10:04:25] Redirecting it to "/dev/null" to make it go faster.
[10:04:53] Backup done! Amazing how fast modern technology is!

Offline

#4 2013-08-22 02:30:01

degmic71
Member
Registered: 2009-02-03
Posts: 122

Re: SSH works internally over wifi, but not over router

cris9288 wrote:

I hate to be the one to state the obvious, but did you set up port forwarding?

See NAT/QOS section, also next response.

Last edited by degmic71 (2013-08-22 02:32:40)

Offline

#5 2013-08-22 02:31:58

degmic71
Member
Registered: 2009-02-03
Posts: 122

Re: SSH works internally over wifi, but not over router

windows_me wrote:

Are you connecting to the public IP of the router (not the LAN IP), and have you opened a port on the router and mapped it to the IP of the box that you're trying to SSH into?


Here is a screenshot:, also see NAT/QOS above.  Yes, connecting to public WAN IP, mapped to internal ip:

http://i.imgur.com/mRTXpJG.png

Also here is my sshd config:

http://pastebin.com/bNnCmjay

Last edited by degmic71 (2013-08-22 02:39:15)

Offline

#6 2013-08-22 03:04:59

archlinuxsagi
Member
Registered: 2008-09-12
Posts: 259

Re: SSH works internally over wifi, but not over router

Where are you SSH from?
If you SSH from the LAN side to the public IP, then the router must support NAT loopback.
Also, check if verizon is blocking port 22 from the WAN side if you accessing from the internet.

Offline

#7 2013-08-22 05:45:19

rman
Member
From: United States
Registered: 2013-08-08
Posts: 14

Re: SSH works internally over wifi, but not over router

Use a port scanner and see if SSH is listening on your WAN IP.
http://www.yougetsignal.com/tools/open-ports/


Laptop: Lenovo L440, Intel Core i3-4000M, HD Graphics 4600
Desktop: Intel Core i5-4690, HD Graphics 4600, AMD Radeon R7 265 (KVM VGA passthrough)

Offline

#8 2013-08-22 11:09:21

windows_me
Member
From: England
Registered: 2013-08-14
Posts: 36
Website

Re: SSH works internally over wifi, but not over router

Might be worth mapping some public port > 1024 to your local port 22 - just in case the ISP is blocking your lower port numbers for not buying "commercial" internet.


[10:04:21] Time for weekly full server backup.
[10:04:25] Redirecting it to "/dev/null" to make it go faster.
[10:04:53] Backup done! Amazing how fast modern technology is!

Offline

#9 2013-08-22 11:10:24

windows_me
Member
From: England
Registered: 2013-08-14
Posts: 36
Website

Re: SSH works internally over wifi, but not over router

Also, try a `netstat -tanp` and make sure that sshd is bound to any address (0.0.0.0) - if its bound to your LAN IP, that would explain things


[10:04:21] Time for weekly full server backup.
[10:04:25] Redirecting it to "/dev/null" to make it go faster.
[10:04:53] Backup done! Amazing how fast modern technology is!

Offline

#10 2013-08-22 12:35:11

degmic71
Member
Registered: 2009-02-03
Posts: 122

Re: SSH works internally over wifi, but not over router

rman wrote:

Use a port scanner and see if SSH is listening on your WAN IP.
http://www.yougetsignal.com/tools/open-ports/

Interesting let me try that when I get home.  I was probably off my rocker when I said Verizon, I have a local cable company now, I used* to have Verizon.

Offline

#11 2013-08-22 12:36:34

degmic71
Member
Registered: 2009-02-03
Posts: 122

Re: SSH works internally over wifi, but not over router

windows_me wrote:

Might be worth mapping some public port > 1024 to your local port 22 - just in case the ISP is blocking your lower port numbers for not buying "commercial" internet.


I could try that, yes.  Originally I had 6969:in, 6969:out to my local ip, but not* 6969:in, 22:out to my local ip.  I will check this when I get home, working for the man right now tongue

Last edited by degmic71 (2013-08-22 12:37:32)

Offline

#12 2013-08-22 12:37:19

degmic71
Member
Registered: 2009-02-03
Posts: 122

Re: SSH works internally over wifi, but not over router

windows_me wrote:

Also, try a `netstat -tanp` and make sure that sshd is bound to any address (0.0.0.0) - if its bound to your LAN IP, that would explain things

I believe I checked that, as I followed the Arch wiki closely, but I will check this when I get home, working for the man right now tongue

Offline

#13 2013-08-22 22:24:24

degmic71
Member
Registered: 2009-02-03
Posts: 122

Re: SSH works internally over wifi, but not over router

rman wrote:

Use a port scanner and see if SSH is listening on your WAN IP.
http://www.yougetsignal.com/tools/open-ports/

no sad

Port 22 is closed on 70.44.249.119.

Is this a result of me not setting up NAT properly?  I have done this many times, but maybe I missed something.  Or does this mean my local cable internet provider hates me?  tongue

Offline

#14 2013-08-22 22:27:04

degmic71
Member
Registered: 2009-02-03
Posts: 122

Re: SSH works internally over wifi, but not over router

windows_me wrote:

Also, try a `netstat -tanp` and make sure that sshd is bound to any address (0.0.0.0) - if its bound to your LAN IP, that would explain things

Just tcp sets, no sshd even there.  Thank you though.

Offline

#15 2013-08-22 22:37:26

degmic71
Member
Registered: 2009-02-03
Posts: 122

Re: SSH works internally over wifi, but not over router

windows_me wrote:

Might be worth mapping some public port > 1024 to your local port 22 - just in case the ISP is blocking your lower port numbers for not buying "commercial" internet.

no luck.  The DDWRT router sits in front of a sb6180 motorolla modem, but there is nothing I see I can change on that.

Last edited by degmic71 (2013-08-22 22:55:24)

Offline

#16 2013-08-22 23:15:57

rman
Member
From: United States
Registered: 2013-08-08
Posts: 14

Re: SSH works internally over wifi, but not over router

Right now I'm suspecting the DD-WRT router. Does your deluge port forward work correctly?

Also, do you have iptables on your Arch box? If so, show us

iptables -nL

Laptop: Lenovo L440, Intel Core i3-4000M, HD Graphics 4600
Desktop: Intel Core i5-4690, HD Graphics 4600, AMD Radeon R7 265 (KVM VGA passthrough)

Offline

#17 2013-08-22 23:33:04

degmic71
Member
Registered: 2009-02-03
Posts: 122

Re: SSH works internally over wifi, but not over router

rman wrote:

Right now I'm suspecting the DD-WRT router. Does your deluge port forward work correctly?

Also, do you have iptables on your Arch box? If so, show us

iptables -nL

There you are sir: http://pastebin.com/7AW1gdN0

On Deluge I go through BTGuard, so naturally I get "no incoming connections"  But my speed is fine 9.6 Mb/s on average.  (I pay for 10/1 service).  I can show you any configs from that if you wish.  Don't mind the ip table entry there, that was from me adding port 6969 originally, after reading the troubleshooting area of the Arch SSH wiki.  I really appreciate the help guys, I really do.

Offline

Board footer

Powered by FluxBB