News: This forum is now permanently frozen.
linktree m0n0wall Forum  >  m0n0wall Support (English)  >  Firewall/NAT
linktree Topic: ssh into my fileserver
Pages: [1]
Topic: ssh into my fileserver  (Read 2275 times)
« on: March 28, 2008, 16:02:11 »
latenite *
Posts: 5
Hallo everyone

English is not my mothertongue, so please excuse.
My Problem is: I can not login to my fileserver behind m0n0wall from the internet.
When I nmap my IP (poeritz.dyndns.org) from inside my LAN I get:

Code:
[15:56:50] [kai@desktop:~] $ nmap -PN -p22 poeritz.dyndns.org

Starting Nmap 4.53 ( http://insecure.org ) at 2008-03-28 15:57 CET
Interesting ports on e179001247.adsl.alicedsl.de (85.179.1.247):
PORT   STATE  SERVICE
22/tcp closed ssh

Nmap done: 1 IP address (1 host up) scanned in 0.283 seconds
[15:57:03] [kai@desktop:~] $

and from outside my network i get:
Code:
corvette:~# nmap -PN -p22 poeritz.dyndns.org

Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2008-03-28 15:58 CET
Interesting ports on e179001247.adsl.alicedsl.de (85.179.1.247):
PORT   STATE    SERVICE
22/tcp filtered ssh

Nmap finished: 1 IP address (1 host up) scanned in 2.121 seconds

When I unplug M0n0wall and use my old router I get a open ssh port and all works just fine.

I have addedt a NAT rule an auto added a firewallrule. No luck
here is my config file:

http://poeritz.de/temp/config-firewall.local-20080328144520.xml

What will I habe to do?
Thank you for your help Smiley
« Reply #1 on: March 28, 2008, 17:57:04 »
latenite *
Posts: 5
any ideas??

Is anyone successfully using  ssh trough m0n0wall to connect to a server behind the wall? If so, can you PLEEEASE post your config file?
« Reply #2 on: March 28, 2008, 18:17:12 »
fredg
Guest
From your config:

I see your m0nowall LAN IP is 192.168.2.1/24

Then I see NAT and Filter using 192.168.3.3 as the target for ssh.

192.168.2.0/24 and 192.168.3.0/24 are not the same network, so from what I can see you have either made a typo or you want/need  to set up a third interface (192.168.3.0/24) and haven't done it yet.
« Reply #3 on: March 29, 2008, 00:03:37 »
SlickNetAaron *
Posts: 44
monowall has ssh login for its own use.  So monowall itself would be intercepting the SSH requests and not forwarding it to your fileserver.

If you switch to, say, port 21 on the WAN and then port forward 21 to 22 on the LAN that should work.

I don't know ssh very well, but you should be able to specify which port to connect on very easily from the outside world.

Regards,
Aaron
« Reply #4 on: March 29, 2008, 00:12:55 »
fredg
Guest
m0n0wall has ssh login for its own use? I'm new to m0n0wall, but I don't think so. Kindly correct me if I am wrong.
« Reply #5 on: March 29, 2008, 04:24:44 »
SlickNetAaron *
Posts: 44
You  might be right.  I've been using pfSense and it does have ssh.  I figured that would be common.  I'm not seeing the option in the GUI.

Is it possible your ISP is blocking 22 like most ISPs block 80?  *shrug*

I had the same issue with my mom's DSL modem - the modem was eating port 22 even tho it did not have SSH enabled.  I could never get around it.

Aaron
« Reply #6 on: April 14, 2008, 12:24:10 »
thuety *
Posts: 34
I've been running a Port 22 NAT to my debian server for years (swiss adsl and cable).
 
Pages: [1]
 
 
Powered by SMF 1.1.20 | SMF © 2013, Simple Machines