Mannsi
asked on
Problem with ssh connection from Linux to XP
Hello experts,
I'm having some problems connection to my home computer (Win XP) using my Ubuntu 8.04 laptop.
I can make the connection when I'm at home where I don't have to deal with my 'outside' ip-address but only the router given ones. I installed Cygwin on the Windows machine so please ask me anything about that if you need to know. I'm using Putty on the Linux machine, and like I said it works perfectly when at home. But when I try to use it anywhere else using the hostname
computername@outside-ip-ad
I get a 'Unable to open connection to computername@outside-ip-ad
Please note that I am a beginner so if you could post questions like 'Do you have xxxx setup ? You can see it by doing yyyy' that would be great.
Thanks
I'm having some problems connection to my home computer (Win XP) using my Ubuntu 8.04 laptop.
I can make the connection when I'm at home where I don't have to deal with my 'outside' ip-address but only the router given ones. I installed Cygwin on the Windows machine so please ask me anything about that if you need to know. I'm using Putty on the Linux machine, and like I said it works perfectly when at home. But when I try to use it anywhere else using the hostname
computername@outside-ip-ad
I get a 'Unable to open connection to computername@outside-ip-ad
Please note that I am a beginner so if you could post questions like 'Do you have xxxx setup ? You can see it by doing yyyy' that would be great.
Thanks
ASKER
Thanks for the reply. For some reason I can't access my router through http://192.168.1.1 with internet explorer or firefox even though that is listed as my Default Gateway. I'm using an Zyxel Prestige 600 router. Any ideas ?
ASKER
I called my ISP and they said that my router configuration were locked but agreed to open them for me. So now I can access the router settings. I don't know if all router configurations are the same but I chose NAT - mode and there under 'SUA Only - Edit Details' I added a line with start and end port = 22 and my desktop computers Ip address. After doing this and saving, I still can't connect to my computer.
The correct way to test is to SSH to your computer from outside your home network using the public ip address.
ASKER
Is it alright if I try to SSH connect to my computer from my home network but using the public ip address ? Shouldn't that work ?
Because it doesn't right now.
Because it doesn't right now.
No .. that doesnt always work (I have had issues doing the same in the past). I usually ssh to a remote machine and then ssh back to the home server from there. Of, you can see if a friend is willing to do a test for you :)
ASKER
Ok, so I asked a friend to try to connect but he got an error saying: Network error: Connection timed out. Do you think I did the port forwarding correctly ? Anything else I could have done wrong ?
Per this doc, it looks like you have setup port-forwarding correctly:
http://portforward.com/english/routers/port_forwarding/ZyXEL/Prestige660R-61/default.htm
(i) Try rebooting your router and see if that helps.
(ii) Try to telnet on port 22 with this command (again from outside your network):
telnet <outside_ip> 22
Please provide the output of this command if possible.
http://portforward.com/english/routers/port_forwarding/ZyXEL/Prestige660R-61/default.htm
(i) Try rebooting your router and see if that helps.
(ii) Try to telnet on port 22 with this command (again from outside your network):
telnet <outside_ip> 22
Please provide the output of this command if possible.
You can also use 'Shields Up' web application to scan your open ports. Use this and check to see if Port22 is open.
https://www.grc.com/x/ne.dll?bh0bkyd2
https://www.grc.com/x/ne.dll?bh0bkyd2
ASKER
Ok, I tried rebooting the router and that did no good. Then I tried using telnet (at home though) and that gives me a 'telnet: Unable to connect to remote host: Connection refused'.
I used the site you told me about and port 22 got a 'status = stealth' which I don't know what means. Should I give you more of the results from the site ?
Thanks for all the replies btw.
I used the site you told me about and port 22 got a 'status = stealth' which I don't know what means. Should I give you more of the results from the site ?
Thanks for all the replies btw.
ASKER
now I tried changing the firewall settings of the router and now port 22 reports open on the grc.com site. I can freely telnet myself into the router with my ip address but when I try telnet my ip address and add port 22 behind it I get connection refused. Is my desktop cpu blocking the traffic ? How can I change this ?
What firewall settings did u change ? And if you are seeing the port 22 as open from the grc.com web site, then try to ssh from outside to your ssh server.
If that doesnt work, check the ssh server config (under Cygwin) to see if there is any config that allows connections from the local subnet only. This could explain why you are able to ssh from the local subnet (home) but not from outside.
If that doesnt work, check the ssh server config (under Cygwin) to see if there is any config that allows connections from the local subnet only. This could explain why you are able to ssh from the local subnet (home) but not from outside.
ASKER
I changed the settings for packet direction from WAN to LAN and from WAN to WAN/Router to Allowed when it was Blocked.
I have not tried to ssh from outside my home as I don't have access to a different network right now. Are there any possible firewall settings in my desktop computer that could be causing this ?
I haven't checked the Cygwin settings because I haven't read about how to change them, but I will do that soon if I/you don't find a different solution.
Thanks
I have not tried to ssh from outside my home as I don't have access to a different network right now. Are there any possible firewall settings in my desktop computer that could be causing this ?
I haven't checked the Cygwin settings because I haven't read about how to change them, but I will do that soon if I/you don't find a different solution.
Thanks
Yes...it could also be your windows firewall. Disable it and check it out to see if that helps too.
ASKER
Ok. I tried disabling the firewall but putty still gives me connection refused.
Tried searching for a way to change Cygwin from local to global but was unsuccessful.
So..
I can't ssh connect to my Win XP computer through WAN, only LAN.
Port 22 appears to be open according to grc.com.
I THINK I've configured port forwarding correctly, see above.
I've turned off the windows firewall on the XP machine.
I can telnet myself too my router through WAN.
Note that much of the information above has been reached through my local network but using my global ip address.
Tried searching for a way to change Cygwin from local to global but was unsuccessful.
So..
I can't ssh connect to my Win XP computer through WAN, only LAN.
Port 22 appears to be open according to grc.com.
I THINK I've configured port forwarding correctly, see above.
I've turned off the windows firewall on the XP machine.
I can telnet myself too my router through WAN.
Note that much of the information above has been reached through my local network but using my global ip address.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
It worked !
I does not work when I'm at home but a friend was able to connect to my desktop. Maybe the computer firewall was the last straw. Will try to change things and see what stops the ssh connection. Could you please tell me though, was it a bad move to change the router firewall settings the way I did ? Could I harm my system ?
THANKS.
I does not work when I'm at home but a friend was able to connect to my desktop. Maybe the computer firewall was the last straw. Will try to change things and see what stops the ssh connection. Could you please tell me though, was it a bad move to change the router firewall settings the way I did ? Could I harm my system ?
THANKS.
ASKER
Thanks a million
As long as the grc.com website shows that only port 22 and/or 443 is open, you are good.... no harm to system as long as you apply the patches for ssh etc. BTW..what did you change to finally make it work ?
Your internet router (which has the public/outside ip address) does not know which machine to forward the ssh request to. You should configure 'port forwarding' on the router. It is preferable to set your SSH server (XP computer) to a static IP address. If the address of this machine is x.x.x.x, configure port-forwarding on the router to forward port 22 to x.x.x.x.
Hope this helps.