Unable To SSH To Home PC (IPCop)

C

Carlosinfl

Loves the juice
Joined
Sep 25, 2002
Messages
6,633
I use DynDns to update my dynamic IP from my ISP 24/7 to my "red" interface on my IPCop. I just checked to make sure they match and of course they do...

Now when I try to ssh -p 222 myhostname.dyndns.org, it fails. I then checked to make sure that my IPCop has "SSH" enabled via the SSH Access page in the GUI setup and it looks OK to me...

sshig8.png


Is there somewhere in IPCop that I need to specificy that when an incoming request comes in on port 222 (default ssh port) to send the request to 10.1.1.x? I can't find that considering you could have multiple machines running SSH on the green interface, no?

Thanks for any input!
 
....the check box is right in front of you bud. Check Allow TCP forwarding and forward the TCP port to your IPCop box in the Port Forwarding page.
 
OK - so my IPCop listens for ssh on port 222! however my client machines listen to ssh on port 22, so now I am a little confused.

How would that be set in Port FW?

SSH = TCP source 222 | destination 22 : destination IP 10.1.1.x
 
So if my clients behind my firewall listen for ssh on the default port 22, this rule would obviously be correct, right?

portforwardingsi2.png
 
No no. Your destination IP address + port need to be: 10.1.1.100:222 because remember, your SSH server RUNS on TCP Port 222. The only difference is that people externally, when accessing SSH servers, look on TCP Port 22. So that is why your SOURCE and DESTINATION ports need to be different. You shouldn't need to change any port settings or anything from your SSH clients - this is when your OUTSIDE your LAN only though.

When you're accessing stuff INTERNALLY no port forwarding will have any effect on what your LAN client can\cannot access. Everything is allowed to anyone in a LAN environment - you don't need port forwards or pinholes, strictly speaking. So, with that knowledge, you WILL need to change any SSH Clients you use inside your LAN to use TCP Port 222, not the default SSH port of 22.

So, to recap:

Source *.*.*.*:22
Destination 10.1.1.100:222

P.S. Why do you have a Webcam\Security Camera program sitting on your FIREWALL :eek: ?
 
You must log in or register to reply here.
Back
Top