[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 508
  • Last Modified:

problem with ssh redhat, 2 nic cards, one route

I've had a redhat server running for about 8 months now, I just decided to put it on the local subnet as well though and I've had nothing but problems.

Here's the setup
I have my isp connected to a hub, which goes to the server and a router, then I have another connection from the router going back into the server on my other nic card

so eth0 - say 147.32.342.12 my server ip
and eth1 - 192.168.100.103

for the most part I don't have any problems, however when people try to remoting ssh they cannot connect.

I however do not have a problem connecting through either of them, both 147.32.342.12 works, and 192.168.100.103 work for me.

my var/log/secure looks something like this

Mar  2 14:20:34 IceServer sshd[14057]: Accepted password for sean from 136.159.xx.xxx port 1585 ssh2
Mar  2 14:34:00 IceServer sshd[13973]: Received disconnect from 136.159.xx.xxx: 11: Disconnect requested by Windows SSH Client.
Mar  2 14:48:41 IceServer sshd[13917]: Received signal 15; terminating.
Mar  2 14:50:32 IceServer sshd[1098]: Server listening on 0.0.0.0 port 22.
Mar  2 14:56:06 IceServer sshd[1435]: Could not reverse map address 192.168.100.103.
Mar  2 14:56:07 IceServer sshd[1435]: Accepted password for root from 192.168.100.103 port 4480

I thought it was something to do with my routing tables that maybe my router was blocking it...
here is my route table

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.100.0   *               255.255.255.0   U     0      0        0 eth1
68.xxx.xx.0     *               255.255.252.0   U     0      0        0 eth0
127.0.0.0       *               255.0.0.0       U     0      0        0 lo
default         192.168.100.1   0.0.0.0         UG    0      0        0 eth1
default         68.xxx.xx.x     0.0.0.0         UG    0      0        0 eth0

Extra points if someone can tell me why my sendmail is now saying "relaying denied possible forged ip" now even though before I was on the subnet I didn't have the problem

thank you
0
DaK00L1
Asked:
DaK00L1
  • 2
  • 2
1 Solution
 
heskyttbergCommented:
Hi!

Remove the default gateway for 192.168.100.1.
I think this is what's confusing both sendmail and ssh.

You should only have one default route.
If you want to route to some other subnet set it up with another rule.

So if you need to go through an internal router to get to let's say 192.168.200.0 then add that route by itself telling it to use 192.168.100.1 as router.

As this is setup connection get's in on outer interface.
your ssh server tries to contact the remote host going out on 192.168.100.1 router telling remote host it can establish connection on let's say port 4100 on IP 192.168.100.103

Which remote client can't find and asks to close connection.

Regards
/Hans - Erik Skyttberg
0
 
DaK00L1Author Commented:
ya that was my initial thought too.  
when I remove the default 192.168.100.1, and restart my network the dchp always adds it again.. how to do I prevent that
0
 
heskyttbergCommented:
Hi!

Setup a static IP on the LAN device for linux, don't use DHCP.

Regards
/Hans - Erik Skyttberg
0
 
DaK00L1Author Commented:
that was probably the easiest 80 points you ever made :)

but the sendmail was a DNS problem, just happened to occur at the same time.

thanks a lot it was very simple... and it works good.
0

Featured Post

[Webinar] Improve your customer journey

A positive customer journey is important in attracting and retaining business. To improve this experience, you can use Google Maps APIs to increase checkout conversions, boost user engagement, and optimize order fulfillment. Learn how in this webinar presented by Dito.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now