ssh setup on gateway

[sumit]

Hi,

I have a mandrake 10 gateway installed with two ethernet cards. eth0 connects to the internal network, while eth1 connects to the outer world.

When I try to ssh from the gateway to any of the system, I get error saying, "Connection refused". Could someone help me with it. What configuration do I have to change so that I can SSH from anywhere to anywhere. Currently, I cannot even ping the internal network from the gateway. I however can ping the gateway from the internal network and also connect to the internet from the local network using IP forwarding.

Thanks in advance,
Sumit

[jeremy1701]

Not 100% sure, but from the sounds of it, you could be having firewall issues. What are using? If you used the ICSW in MCC, then you're probably using Shorewall & Squid. If not, you'll need to let us know.

A couple of questions for clarity... Can you SSH from Net to Gateway? Can you SSH from an internal computer to the Gateway? Do the other computers on your network have running firewalls?

Jeremy

[sumit]

Thanks for responding Jeremy. Yes, I am running firwall on the gateway. I am having Shorewall and Squid running on it.

I can ssh from net to gateway, and also from internal computers to the gateway. but i cannot ssh from gateway to internal computers. These internal computers do not have any firewall running on them.

thanks!

[jeremy1701]

On that note, can you ssh to the Internet?

In your /etc/shorewall/rules file, you should have a line(s) that looks similar to this:

ACCEPT net fw ssh ;
ACCEPT loc fw ssh ;

This will allow ssh into the system from both your internal network and the net. To allow ssh from your fw to everything else, you should have a line(s) like this:

ACCEPT fw net ssh ;
ACCEPT fw loc ssh ;

If these aren't there, try the loc one first.
Jeremy