Firewall/NAT

I know this is a very simple task and I've had no problem with it on my old firewall, IPCop, but I can't get it to work with m0n0wall.

I want to forward an incoming ssh connection, and only ssh, to my workstation in my LAN.  I have done this before and could check from my workstation itself by ssh'ing to the WAN interface's IP address.  Now that does not work at all.  I've set up a firewall rule for TCP protocol from any address and any port on the Internet to my workstation IP address if the destination port is 22.

When I try this, like I used to test with IPCop, my connection is instantly denied:

ssh: connect to host x.x.x.x port 22: Connection refused

I know this is a absurdly simple issue, but I can't get it to work.  Thanks for any help on this!

Are you putting in a NAT rule or just a firewall rule? You need inbound NAT plus a firewall rule. NAT rule tells the traffic where to go, firewall rule tells it what to allow.

Also, you can't test this from inside your network, see:
http://doc.m0n0.ch/handbook/faq-lannat.html
 

Okay -- so I need to set up a NAT rule as well.  I got it.  Now I'm trying to find a free shell account I can use outside my LAN for testing.  Unfortunately my website's shell account isn't working right.

Thanks!

If you want, you can PM me your IP and I can test to make sure a logon prompt comes up.

Thanks.  I was close to taking you up on that when I finally got it working from my shell account at my web hosting service.  Sometimes their shell commands have a lag, so I couldn't tell if the delay I got was from that or from it not connecting, but it's working now.

I guess it just will take a bit of getting used to, since it's a new way of doing things for me.