SSH over WAN Bridge to Ubuntu Server

My client has two Linux (Ubuntu) servers, which are accessible via SSH remotely, having set up the correct port forwarding in their ADSL router and using DynDNS to track the WAN IP Address.

External port 101 goes goes to internal port 81 and IP address 192.168.0.101 (the LAN IP address of server 1)
External port 102 goes goes to internal port 82 and IP address 192.168.0.102 (the LAN IP address of server 2).

There is now a requirement to have a second LAN, with its own router but the same subnet (192.168.0.x) and for the two servers to sometimes be on that second LAN, but still be able to SSH in remotely.

WAN2 of the LAN2 router is connected to LAN1 enabling LAN2 users to access the internet (as LAN2 does not have independent internet access). The WAN2 interface has an IP alias of 192.168.0.3 , set in the router for LAN2.

But with that configuration, trying to SSH into the servers remotely does not work. I can get the SSH log-on dialogue and can enter the user name and password OK but it just says "access denied".

Can any one offer any help? Basically I want to be able to SSH remotely via the ADSL/router on LAN1, over the LAN/WAN interface to LAN2 and then onto the Ubuntu servers (192.168.0.101 and 192.168.0.102 on LAN2).

Thanks
LVL 1
socrossAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

matrix8086Commented:
No chance to ssh in that way in a 1000 years!

What's about that stupid requirement to have a second router with the same IP subnet??? Are you sure that's a the requirement? It is a non sens. What do you have to implement in fact and is leading you to the conclusion for such an absurd requirement?
socrossAuthor Commented:
I was coming to the conclusion that was the case. The reasons for the requirement are long and complicated but they could be changed if absolutely necessary. So if the 2nd LAN was on a different subnet, would it then be possible to SSH in remotely via the 1st LAN's internet connection?
matrix8086Commented:
NO!

The problem is the second router which connects the WAN interface to the LAN interface of the first router

The second router has no place there. You can have how many subnets you want with a single router.
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

socrossAuthor Commented:
The problem is that the two LANs are not always in the same physical location. LAN1 is a fixed installation at our offices, with a permanent internet connection. LAN2 is a portable network used for event Wi-Fi and an intranet (two local servers) at events in various locations, with up to 200 tablet devices connecting to the intranet wirelessly, but no guaranteed external internet access. Hence the need for the second router for LAN 2.

It's during the on-going development and testing phases that we have both LANs in the same place. Yes, we can attach the servers to LAN1 and have our developer SSH in OK (as the LAN1 router has been configured accordingly).  But for some testing configurations where we need the servers to be on LAN 2, we would still like our developer to be able to SSH into the servers, but the only way in is via LAN1's internet connection, as LAN2 does not have it's own internet connection (apart from the WAN link to LAN1).

Does that make sense?
matrix8086Commented:
No! Switch to virtualization concept, or VPN

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
socrossAuthor Commented:
OK, thanks for your suggestions.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Routers

From novice to tech pro — start learning today.