• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Can't get through to my server from external but can if I'm internal

#1
I set my linksys router to have port forwarding to the SSH port but when I try connecting from an external network I get a timeout. If I'm connected to my network internally and SSH the port forwarding goes to the correct server and I'm able to login.

Externally, SSH times out and so does ping - Traceroute makes it as far as my local Comcast . . .

Any ideas?
 

kcnychief

█▄█ ▀█▄ █
Political User
#2
If you can do it internally but not externally, something has to be configured incorrectly on the router I would wreckon.

Try RDP to see if you can get through?
 

kcnychief

█▄█ ▀█▄ █
Political User
#4
Well a ping isn't a true test, as you probably have ICMP blocked.

I still say double-check your firewall though, what is the make/model of it? Post a screenshot of your port forwarding screen?
 
#7
I noticed I had "Block WAN Request" enabled in the "filtering" tab, this may have been the issue. I'll have to try externally but I think this may have been the issue. Thank you everyone for the help.

did you ip address change on the server?
Nope, the server has a static IP assigned.

posts merged
 
Last edited by a moderator:
#8
Ok, so I've tried everything now, reset the router to factory defaults, followed instructions for enabling ssh step by step and nothing.

Should I buy a new router? Could it be the Debian box? Should I just nuke that and install FreeBSD? It seems like it isn't the Linux box if I'm able to ssh in while inside my network . . . but that also means the linksys router is forwarding right? What the hell could be causing this?
 

kcnychief

█▄█ ▀█▄ █
Political User
#9
I'm sorry for not suggesting this earlier, but it could be possible your ISP is blocking the ports necessary to access it. It could be a longshot, depending on your provider and config, but it's something you should try. SSH isn't illegal, so there is no harm in contacting your ISP and asking them if they block the port. If they are, they might even unblock it for you.

Most ISPs will block ports by default, such as ports required for SMTP/POP3 because they don't want people running e-mail servers. Also common ports to block are those necessary for VPN connections. All viable purposes, but blocked for the safety of the consumers for the most part. In different instances, I have had all ports opened successfully by contacting my ISP and providing due cause.

Furthermore, it's not the OS because everything works fine internally. I don't think it's the router because you reset to defaults and that is essentially the "loosest" config.
 
#10
OK, thank you for the assurance on the Debian setup :)

I called COMCAST and they said that "all ports are open"

I then proceeded to reset my router again.

I disabled "Block WAN" on the router.

I setup port forwarding to forward port 22 to port 22 on the local IP of my server.

I ran a test on grc.com which said that port 22 was in "stealth" mode. Could this be the problem?
 

j79zlr

Glaanies script monkey
Political User
#11
Sounds like it isn't listening on 22. Is ssh listening on port 22 on the debian box? I would do a nmap [port] scan inside your LAN and see what is open on the debian PC, just to make it is in fact listing on port 22.

If comcast is in fact blocking ssh, just because lvl1 tech said they aren't doesn't really mean anything. ;) Try forwarding port 2222 to port 22 and connect using ssh username@hostname.com:2222
 

Members online

No members online now.

Latest posts

Latest profile posts

Hello, is there anybody in there? Just nod if you can hear me ...
Xie
What a long strange trip it's been. =)

Forum statistics

Threads
61,961
Messages
673,239
Members
89,018
Latest member
dixoncarry