Find the answer to your Linux question:
Results 1 to 3 of 3
Hi, I can connect to my Server from Machine1 via ssh locally (192.168.1.100) However, I failed to do so when connect from outside (210.xxxxxx) I've tried to turn off the ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. 05-08-2010 #1
    arthurccube
    arthurccube is offline
    Just Joined!
    Join Date
    May 2010
    Posts
    1

    ssh succeed local failed outside

    Hi,

    I can connect to my Server from Machine1 via ssh locally (192.168.1.100)

    However, I failed to do so when connect from outside (210.xxxxxx)

    I've tried to turn off the Firewall(s) (in linux and router). But no good.

    My Server is in DMZ, I don't know if any related issue created from it.

    Anyone has clue?

    Thanks much!
    Reply With Quote Reply With Quote
  2. 05-08-2010 #2
    nmset
    nmset is offline
    Linux User
    Join Date
    Nov 2009
    Location
    France
    Posts
    292
    Your router must forward the target port (22 as default) to the target host. Outbound traffic on that port from the originating LAN must be allowed too.
    0 + 1 = 1 != 2 <> 3 != 4 ...
    Until the camel can pass though the eye of the needle.
    Reply With Quote Reply With Quote
  3. 05-09-2010 #3
    alf55
    alf55 is offline
    Linux User
    Join Date
    Jan 2005
    Location
    Saint Paul, MN
    Posts
    396
    Quote Originally Posted by arthurccube View Post
    Hi,

    I can connect to my Server from Machine1 via ssh locally (192.168.1.100)

    However, I failed to do so when connect from outside (210.xxxxxx)

    I've tried to turn off the Firewall(s) (in linux and router). But no good.

    My Server is in DMZ, I don't know if any related issue created from it.

    Anyone has clue?

    Thanks much!
    The addresses "192.168.xxx.xxx" are not allowed to go through your router and onto the internet. This is not the only range that can not get out onto the internet. Lots of times a router or a hardware firewall will use these suppressed address ranges and handles the "Network Address Translation (NAT)" as packets leave and enter the network using only the IP address assigned to the "internet" side of the device.

    TCP/IP emerged in mid-late 1978 in nearly final form (while these were not officially adopted until 1981. The ranges that were reserved for testing (and expanded into the private network usage) are:gvim
    Code:
     # According to RFC 1918, you can use the following IP networks for private 
# nets which will never be connected to the Internet:
#
#       10.0.0.0        -   10.255.255.255
#       172.16.0.0      -   172.31.255.255
#       192.168.0.0     -   192.168.255.255
#
# In case you want to be able to connect directly to the Internet (i.e. not 
# behind a NAT, ADSL router, etc...), you need real official assigned 
# numbers.  Do not try to invent your own network numbers but instead get one 
# from your network provider (if any) or from your regional registry (ARIN, 
# APNIC, LACNIC, RIPE NCC, or AfriNIC.)
#
    What does this mean, you need to be able to connect to the machine that has the public address (or in the case of a hardware firewall to the port that is mapped to a machine on the private network) to get access to the 192.168.1.xxx network.

    You might be able to setup a reverse ssh tunnel where your machine.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules