Results 1 to 3 of 3
I have 3 interfaces on my Linux router: 172.16.4.0/23 (Called: eth0, GW: 172.16.4.1) 172.16.2.0/23 (Called: lan0, GW: 172.16.2.1) 192.168.10.0/24 (Called: wan0, masqs to lan0 and eth0, is an internet connection) ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
- 11-19-2013 #1
- Join Date
- Sep 2007
SSH connects to wrong IP when being routed
172.16.4.0/23 (Called: eth0, GW: 172.16.4.1)
172.16.2.0/23 (Called: lan0, GW: 172.16.2.1)
192.168.10.0/24 (Called: wan0, masqs to lan0 and eth0, is an internet connection)
All hosts can ping each other correctly and routing seems to be working fine (ie, if a host is down, ping obviously fails).
Now here's where it gets weird, if I SSH from any host in 172.16.2.0 into and try to connect to a host in 172.16.4.0, then my router that's routing traffic will always reply. Likewise if I try to from 172.16.4.0 into 172.16.2.0, my router always answers.
I can SSH into any machine perfectly fine on the same network, and from the internet inwards. The router itself can SSH into any host on any network.
It only does this for SSH. VNC remote desktop for example will work fine between the networks.
I've checked IP Tables, and there seems to be no SSH rule that would cause this (It's quite long), I made doubly sure by commenting some out to see if it had any changes.
- 01-02-2014 #2
- Join Date
- Jan 2013
Hello Syke. Thank you for writing and happy new year.
I know it might not solve it and networking now works 'classlessly', but have you tried placing the same Variable Length Subnet Mask and same class? (i.e.: eth0 being 192.168.20.0 and lan0 being 192.168.30.0, reducing also Subnet Mask if needed in order for this to work smoothly).
Might not be reasonable as the only problem seems to be that one, but IMHO might be worth it as everything else seems to work fine.
By the way, I did not understand this:
Originally Posted by Slyke
Hope it helps. Just plain brainstorm here. Hope it triggers something in your mind.
PS: Another think I'm thinking of, that might not be worth checking or modifying, is about private and public keys. Perhaps there's some error there and that's why it goes directly to your modem (wan0, if I'm not mistaken).
- 01-03-2014 #3