We help IT Professionals succeed at work.

SSH with different subnets

Medium Priority
1,006 Views
Last Modified: 2013-12-23
I am trying to login to a remote SSH server but it fails to connect.
However It connects locally when using the external IP or hostname so the router is correctly configured to forward port 22.

The only thing I can think of is that the external IP address of the router is on has a different subnet from the internal network.

Would this be the problem? Or am I missign something elsewhere? Or if this is the case, how can I configure my SSH client to connect to it?
Comment
Watch Question

> However It connects locally when using the external IP or hostname so the router is correctly configured
How did you prove that?
You may check the routing with traceroute or tracert, from both locations and compare the hops you see (assuming that your firewall allows that).

Author

Commented:
Surely if I make a request to the WAN address of the router from within the local network it is still treat as an external conenction?
again: how do you prove that?

> .. from within the local network it is still treat as an external conenction?
depends on the configuration of your internal router and/or firewall

Author

Commented:
My Routing Table Entry List

0.0.0.0        0.0.0.0        1.2.3.1        WAN (Internet)
1.2.3.0       255.255.255.128       1.2.3.126       WAN (Internet)
192.168.1.0       255.255.255.0       192.168.1.1       LAN & Wireless

Is that helpful?

Unfortunately I don't have physical access to the server, but I have access to the router. But as far as I remember that router would not allow you to connect via the WAN address from the local network unless the correct ports were forwarded. But I'll have to double check.

I have also looked at a few online guides about setting up my specific router for ssh connections and I have done what they have said to do.
> Is that helpful?
unfortunatelly no, as the router (most likely 1.2.3.1) is the key point

Author

Commented:
Sorry I should have been more clear.

1.2.3.1 is the gateway of the ISP
1.2.3.126 is the WAN address
255.255.255.128 is the subnet mask
192.168.1.1 is the internal router address
what do you get for

  traceroute external-IP-or-hostname

Author

Commented:
Tracing route to "hostname" over a maximum of 30 hops:
1   2ms 2ms 1ms  "the external ip"
Trace Complete.

I just tested trying to ssh locally using the external ip without the port foward and the connection was refused.
then you have to check what happens on 1.2.3.126  

Author

Commented:
How would you suggest doing that? The log system on my router is terrible. It needs to manually refreshed to view the current connections.
hmm, my crystal ball doesn't say anything about your router, sorry
I assume that the problem is the routing between 1.2.3.1 and 1.2.3.126

Author

Commented:
So the problem is between the internal ip of the router and the external ip of the router?
Commented:
The brand of router I use appears to block port 22 from external access and ignores configuration such as DMZ and portforwarding in regards to this port.

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts
hmm, the router is the problem as I said in http:#23663383 and http:#23664255
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.