drei22
asked on
Solaris 10 SSH issues
Experts,
I'm having an issue where I can successfully SSH inside our LAN, but can't SSH from the WAN to Solaris servers. These are new vanilla installs of Solaris 10 v5.10 with 10_Recommended patch cluster 144488-17 installed. From what I can tell SSH installed with no problems as I can SSH to and from Windows, Linux and other Solaris servers, yet when I try to come in from the WAN I get a "connection timed out" error from Putty. Also I must mention that this error is intermittent in that sometimes a connection will work on box A and B, but Box C won't connect and vice versa. I can also successfully ping each server from the WAN with no problems. Where should I start troubleshooting?
Thanks
I'm having an issue where I can successfully SSH inside our LAN, but can't SSH from the WAN to Solaris servers. These are new vanilla installs of Solaris 10 v5.10 with 10_Recommended patch cluster 144488-17 installed. From what I can tell SSH installed with no problems as I can SSH to and from Windows, Linux and other Solaris servers, yet when I try to come in from the WAN I get a "connection timed out" error from Putty. Also I must mention that this error is intermittent in that sometimes a connection will work on box A and B, but Box C won't connect and vice versa. I can also successfully ping each server from the WAN with no problems. Where should I start troubleshooting?
Thanks
ASKER
@arnold
The firewall has been configured to allow a range of the correct IP's. The weird thing is that certain boxes will allow ssh for a short time, then disconnect for no reason at all. I have no /etc/hosts.allow files on these boxes, are they necessary?
The firewall has been configured to allow a range of the correct IP's. The weird thing is that certain boxes will allow ssh for a short time, then disconnect for no reason at all. I have no /etc/hosts.allow files on these boxes, are they necessary?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
The problem ended up being that routing wasn't setup correctly on each server.
check /etc/hosts.allow and see whether you have sshd:LAN_IP_range
try telnet <solaris_server> 22
and see whether the connection is in syn_sent or whether the TCP session is actually established.