Unable to SSH to an Ubuntu server, form the WAN

I have a virtualized Ubuntu environment. One of my servers allows SSH from the LAN but not the WAN. When I SSH to this server it responds with access denied.  I have other ports open on this server that I can access with no problems. What logs should I look at to determine why I can not SSH from the WAN
Barry-f4Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

nociSoftware EngineerCommented:
Answer for log search:
grep sshd /var/log/*

and more detailed search/view on the logs that match...
sshd logs in various places: (auth failures, daemon failures, generic messages.).

You may want to look into the /etc/hosts.allow /etc/host.deny files.
0
Prabhin MPEngineer-TechOPSCommented:
Hi,
Please check /var/log/auth.log and /var/log/syslog

Check iptable -L -n -v
inorder to see whether firewall is blocking or not.


Please provide the output.
0
arnoldCommented:
From the wan you have to make sure you have port forwarding setup as the default inbound requests are blocked by the firewall.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

Barry-f4Author Commented:
Here it is
iptables.txt
0
arnoldCommented:
Look at
Iptables -L -t nat
iptables -L -t filter
Chains of interest  PREROUTING/postrouting DNAT SNAT

In your case you do not have any open ports on the INPUT side....
0
Prabhin MPEngineer-TechOPSCommented:
Hi,
can u provide me the output of ssh  with -vv paramater

ssh -vv username@IP
0
Barry-f4Author Commented:
It turns out that the firewall was "intercepting" port 22 for firewall SSH management. I changed SSH on rhe server in question to listen for SSH on a different port and we connected sucessfully
0
arnoldCommented:
IN the future, you do not need to alter ssh port on the server
Your external firewall ruke can be setup to forward any port you choose to port 22 of the internal server.

This way while on the LAN, you do not have to alter how to connect to this server.
0
Barry-f4Author Commented:
Yeah I know that but it was the quickest way around the issue once we realized that the Firewall had SSH management enabled
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Linux

From novice to tech pro — start learning today.