After changing gateway, ssh stops working

Enable debugging

To do this edit your sshd_config file:

 $ sudo nano /etc/ssh/sshd_config
 
Change

 LogLevel INFO

To

LogLevel DEBUG

Higher levels include DEBUG2 and DEBUG3 if needed.

On the client side to get more verbosity, try this:
 $ ssh -vvv user@host

http://scottlinux.com/2012/01/04/troubleshoot-ssh-authentication-failure/

Why wouldn't you leave your public gateway as is and create a static route for the traffic that you want port forwarded to the firewall?

I believe I have found a solution. It may be what _jesper_ is suggesting, but I would have needed a bit more detail on "how to" create a static route.

I used the link: http://linlog.blogspot.com/2010/02/multiple-gateways-on-same-host.html as a guide, though that fellow was trying to solve a similar problem with one network card. The solution I needed which configures 2 gateways for 2 different network cards can be found in: https://www.experts-exchange.com/questions/28083608/Linux-Slackware-need-to-have-different-NICs-with-different-gateways.html?anchorAnswerId=39042682#a39042682

_jesper_, is that what you were talking about?

Or just create persistent routes:

http://www.itsyourip.com/Linux/howto-add-a-persistent-static-route-in-redhat-enterprise-linux/

OK, that link describes what I need to do, but the link is for RedHat and I have Slackware. Apparently, one does not set up permanent routes the same in these distros. Slackware has no /etc/sysconfig/network-scripts/ folder, which is what that link uses.

Can someone give me the slackware command(s) to do this? I'm not familiar with this level of network setup. I basically monkey-typed the 'ip route add table' and 'ip rule add' commands from the link http://linlog.blogspot.com/2010/02/multiple-gateways-on-same-host.html, but the instructions on that link for making the route persistent (Fedora) were like the RedHat ones using /etc/sysconfig.

What I did to make the changes was:

$ echo "1 test" >> /etc/iproute2/rt_tables
$ ip route flush table test

$ ip route show table main | egrep -Ev "^default" | while read route
do
  ip route add table test $route
done

$ ip route add table test default via 192.168.0.1

# Listing the 2ndary table/gives:

$ ip route show table test
64.129.23.64/26 dev eth0  proto kernel  scope link  src 64.129.23.95
192.168.0.0/24 dev eth1  proto kernel  scope link  src 192.168.0.3
127.0.0.0/8 dev lo  scope link
default via 192.168.0.1 dev eth1

$ ip rule add from 192.168.0.3 lookup test
$ ip rule add to 192.168.0.3 lookup test


Here is my /etc/iproute2/rt_tables before I made the changes:

#
# reserved values
#
255     local
254     main
253     default
0       unspec
#
# local
#
#1      inr.ruhep

And here is it after I made the changes:

#
# reserved values
#
255     local
254     main
253     default
0       unspec
#
# local
#
#1      inr.ruhep
1 test


I suppose these tables and routes get deleted upon reboot? So, how to I do the above permanently in Slackware?

According to this thread, via the firewall rules:

http://www.linuxquestions.org/questions/slackware-14/persistent-static-routes-870591/

_jesper_, thanks for the link. That link suggested *where* to define the routes (either in rc.local or rc.firewall), but not *how* to define the routes. Do you know how I would do this? Would I put all the commands I used in my post 39058850 in one of the rc. scripts? The whole while/do loop and everything? I can do that, but it seems like a bit of overkill to define a route.

here's my guess:

route add -net 192.168.0.0/24 gw 192.168.0.1

would that all by itself do the trick? I'd like some feedback before I try it -- this is a production machine.

Since this is getting to be a rather long question, let's review:

I have 2 NICs, one at IP xx.129.23.95 and the other at IP 192.168.0.3. The default gateway is set to xx.129.23.65.

An up-stream router/firewall wants to forward all port 25 requests to 192.168.0.3, but that doesn't work with the xx.128.23.65 gateway. Setting the default gateway to 192.168.0.1 got the port 25 requests working, but no traffic on xx.127.23.95. I put the gateway back to xx.128.23.65 and to get port 25 traffic routing to 192.168.0.3 working, I went through elaborate procedure posted earlier.

Now, I just want to make a permanent static route so that all traffic for 192.168.0.3 will use 192.168.0.1 as the gateway. Will the 'route add' command at the top of this message do what I want?

No ideas on this? I would think such a setup would be common. To simplify:

I have a linux/slackware host we'll call MAIL. It has 2 NICs:

xx.128.23.95  - connected to Internet on eth0
192.168.0.3  - connected to LAN on eth1
xx.129.23.65 - default gateway configured in /etc/rc.d/rc.inet1.conf

192.168.0.1 - is the LAN firewall/router, connected to Internet on  xx.129.23.80. It forwards port 25 to 192.168.0.3

I need all traffic for 192.168.0.xx to use the 192.168.0.1 as a gateway.

These don't work:

route add -net 192.56.76.0 netmask 255.255.255.0 dev eth1
route add -net 192.168.0.0  netmask 255.255.255.0 gw 192.168.0.1 dev eth1
route add default gw 192.168.0.1 eth1

Various experiments, including at least the last example above, will permit me to connect to MAIL via xx.129.23.80:25, but I lose ability to connect to any port via xx.128.23.95:[22,80,...]

It seems I can connect to MAIL from the Internet either to xx.128.23.95:anyport, or xx.129.23.80:25, but not both unless I go through that rather elaborate route table creating process.

Is there not a simple 'route' or 'ip' command or two I can run to do what I want?

> Did not receive identification string from
you get this error message when you use connections not using SSL, as you did with telnet
but if you get that message, your client can connect the server which then does not sound like a routing problem