SSH : no reply when connecting from outside home network - ssh

I host a personal server at home, behind my home router. When attempting to connect with SSH from internal network, it works fine. From outside my home networks, it happens... nothing.
From internal : ssh user#internal.ip -p custom_port => prompts for
password and connects
From external : ssh user#router.ip -p custom_port => cursor blinks
a little, then nothing. No timeout. I have to ctrl+c to quit
Do you have any idea about how I can solve this ?
Confugation
Serveur : Debian 11
SSH with custom port
iptables allows the SSH custom port + no-ip required ports
Router : NAT configured with the custom port
External IP : either router's IP, or no-ip tld
Router's port forwarding seems OK
I am certain that the server is reachable. I used PortCheckTool:
shows "port open" when the server is up
shows "port close" when the server is down
So the NAT/port forward seems to be OK
It looks as if the server's reply is bocked, but I don't know how to check
I am not a pro admin, so I don't know how to check
if server received connection requested
sent a reply
if the router's firewall blocks the reply
I just checked my router. Firewall enables "all outbound traffic except netbios services".
Update
I found the auth.log file. I cannot find the attempts to connect from outside (no "invalid" entry, nor entry for the related times ).

Related

Termius Port Forwarding my home machine Failed

So I tried to ssh my home machine over Termius ios, but it can only be done inside the WLAN. Here’s the information on dynamic port forwarding.
I had enable port forwarding on my router as well as Gateway Ports yes on my ssh config. Is there anything else I shall try ?
The image

Forward server HTTP traffic to handle in another device via SSH Tunnel

I'm developing some webhook required direct access public domain to internal machine, thinking use SSH tunnel to forward data, or got alternative solution?
Hosting server & development machine are in same network
192.168.1.2/24 (Hosting server)
2nd machine is virtual mapping using forticlient firewall without static or dynamic IP in visible in hosting server, so is 1 way initial communication right now.
In this case possible to setup SSH tunnel forward all traffic from 192.168.1.2:80 to handle in development machine port 8080?
How to ssh syntax look like?
Thanks.
This could be done by setting up an SSH tunnel to the remote machine:
ssh -L localhost:80:localhost:8080 development-system
Every request to port 80 on the hosting-server is now forwarded to port 8080 on the development-system.
Please note, that the port 80 on the hosting-server could only be used, when you start the SSH command as root. Also note that the port 80 is only accessible from the hosting-server. To access the port 80 on the hosting-server from everywhere use the following:
ssh -L 80:localhost:8080 development-system
Be sure that you want that.
A good introduction to the topic could be found at
https://www.ssh.com/ssh/tunneling/example
https://unix.stackexchange.com/questions/115897/whats-ssh-port-forwarding-and-whats-the-difference-between-ssh-local-and-remot

Unable to Ssh on another ISP

When I ssh to my host vps I am able to connect and login easily when on different ISP's i.e.,
My Phone's internet connection
My Friends internet connection
But when I do it at my home,
I get response by ping but unable to connect to ssh using either of,
dns name
ip address
First, make sure that the IP you tried to connect to is a public IP.
Second, if you are using a router, make sure that port forwarding from the router to the destination PC is properly configured. You can usually set it on the router's settings page.
If the ping is entered correctly but the connection is denied, it is likely to be a configuration problem on the router. Or, your ISP may have blocked that port, so use the port scan site to make sure that the port is blocked. If you search for port scanner online on Google, you will see many sites.

Redirect Server ports from behind a firewall via ssh tunnel to another via dyndns reachable server

my setting is as follows:
server1 is behind a firewall. its running a service on port X.
server2 is an already dyndns reachable homeserver, lets say "mydomain.com"
i am trying to forward (via ssh reverse tunneling) port X to server2, so that anyone can access the service originally provided on server1 through simply connecting to "mydomain.com:X" with the related app.
my steps so far were:
1. establish ssh reverse tunnel on server1
ssh -p22 $nokey $keepalive -nNT -R "*:$PortX:localhost:$PortX" sshuser#$dyndnsIP"
--> tunnel is okay as far as i am can tell, its present on server2 (tested via netstat -tlpn)
2. now established portforwarding on homeDSLModemRouter from PortX to server2:PortX (used internal ip here, no error here)
3. now trying to connect via app to "mydomain.com:PortX" - no success.
Am i missing something vital? help is greatly appreciated!
Answer - jst read my Comment above.
It was necessary to set "GatewayPorts yes" in the public reachable dyndns-Server2.

IBM Server configuration

i have an ibm server, a tp-link router with an static ip and DHCP activated, i want to configure one of the net boards in the ibm server.
I installed Ububntu server and access to the net board configuration using this command:
vi /etc/network/interfaces
I configure the server with this
address -> i put an ip that i resrve in the router
netmask
network
broadcast
gateway
I have a subdomain from no ip i have entered in the server so i can do remote connection to the server throw this subdomain and ssh. I have put the subdomain in /etc/host.conf
The thing is i have access to the subdomain in the web and out of the LAN net. But when i try to connect to the server throw ssh it's gave me connection refused.
EDIT:
Using the command arp-scan -I eth0 -l i found that the IP of the server is asigned two times it's look like it's the same ethernet board with two MAC address thar are the same except the las number.
Ok, what's work for me was to reinstall openssh on the server and in my computer. After that I have access throw ssh.