portforwarding on Huawei HG8245H ONT
Last Updated: Dec 06 2017 21:51, Started by
dolphs
, Dec 06 2017 17:19
·
0
#1
Posted 06 December 2017 - 17:19
Salut,
I am trying to set up port forwarding on RCSRDS network, but seem to miss a step as I am unable to establish an SSH session from the Internet to the SSH-server. First thing I did was creating a static route for the SSH server I want to use port forwarding to. Also checked both IP address the ONT reports and IP address known to the outside world, thus: 1/ IP addresses IP address ONT --- Status-> WAN Information: --- IPv4 Information Connection Status IP Acquisition Mode IP Address Subnet Mask MAC Address Connected PPPoE 100.101.xx.yyy 255.255.255.255 xx:xx:xx:xx:xx:xx IP address Internet --- root@sshserver:~# curl ipinfo.io/ip 86.120.yyy.zzz 2/ Verified forwarding rule Forward Rules-> Port Mapping Configuration Enable Port Mapping: [v] WAN Name: 2_INTERNET_R_VID_201 (greyed out) Protocol: TCP Start External Port: 3333 End External Port: 3333 Start Internal Port: 22 End Internal Port: 22 Start External Source Port:0 End External Source Port:0 Mapping Name: ssh External Source IP Address: Internal Host: 192.168.x.y [ mac-address ] Tested " ssh some_user@IP-address -p3333 " using both addresses, but it does not seem to connect? I assume I do not need to restart router and a simple "Apply" should be sufficient? Last, but not least, the ssh server reacts to port 22 if I check from another station ... ... user@someserver:~$ telnet 192.168.xx.yy 22 Trying 192.168.xx.yy... Connected to 192.168.xx.yy. Escape character is '^]'. SSH-2.0-dropbear_2014.66 ▒▒ֈN0X▒_▒▒▒+▒▒▒[email protected],ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,[email protected],3des-ctr,aes256-ctr,aes128-cbc,3des-cbc,aes256-cbc,twofish256-cbc,twofish-cbc,twofish128-cbcgaes128-ctr,3des-ctr,aes256-ctr,aes128-cbc,3des-cbc,aes256-cbc,twofish256-cbc,twofish-cbc,twofish128-cbchmac-sha1-96,hmac-sha1,hmac-md5hmac-sha1-96,hmac-sha1,hmac-md5zlib,[email protected],nonezlib,[email protected],none▒ܪ:▒▒n Mtmsc pt raspuns! |
#2
Posted 06 December 2017 - 18:33
dolphs, on 06 decembrie 2017 - 17:19, said:
Salut, I am trying to set up port forwarding on RCSRDS network, but seem to miss a step as I am unable to establish an SSH session from the Internet to the SSH-server. First thing I did was creating a static route for the SSH server I want to use port forwarding to. Also checked both IP address the ONT reports and IP address known to the outside world, thus: ... Mtmsc pt raspuns! Nu de alta dar un strain nu scrie prescurat "pt" ( Quote Mtmsc pt raspuns! Edited by stlk, 06 December 2017 - 18:34. |
#3
Posted 06 December 2017 - 19:07
seara buna ... Uhm eu?
Hah inteleg Romaneste, dar nu srciu bine ! Hai - mtmsc pt raspuns pe subiect port fowarding :-) |
#4
Posted 06 December 2017 - 19:42
Dacă înţelegi româneşte e bine!
1. vrei port-forward de la wan-ip-addr:3333 la LAN-ip-addr:22 2. procedezi ca aici: https://portforward....huawei/hg8245h/ 3. ar trebui ca după <Apply> să funcţioneze; 4. pentru acces din internet wan-ip-addr(external) ar trebui să fie static; dar, la RDS, PPPoE oferă ip-addr dinamic; soluţia este 5; 5. creezi un cont aici: https://digicare.rcs-rds.ro/ unde vei putea să configurezi <DNS Dinamic> de forma yourhostname.go.ro cu care vei putea accesa din internet conexiunea proprie indiferent ce wan-ip-addr ar avea; după configurare e necesar pppoe reconect sau <restart>. 6. LAN-server cu ssh trebuie să deţină permanent aceeaşi ip-addr(ex. 192.168.100.52) 7. by default ssh e configurat să nu accepte conectare cu user root; Succes! |
#5
Posted 06 December 2017 - 20:26
@jobist - mersi
Idea is indeed to be able to access from outside ( Internet /3333 ) in to my LAN to SSH ( 22 ). Found the instruction under 2/ also and applied lots of different settings already. Meanwhile removed my rule and picked the Application " Secure Shell Server " to test. Also inserted a Mapping name with proper Mac Address ( thus Internal host is the correct one ) and Applied these but " pacat, nu merge deloc " Answer might be in "contul-meu", although I added a "go.ro" address yesterday it does not seem to resolve the DNS entry yet executing a 'nslookup'. Therefore possibly I have to "restart"( reconnect ) the ONT to pick up this entry configured, will do that after this posting. daca functioneaza, raport in limba romana! :-) |
#6
Posted 06 December 2017 - 20:46
grrr " ce pacat " dupa repornire functioneaza bine ...
Am vazut IP address este schimbat, acum este ceva : 5.12.xxx.yyyy ( a fost 100.101.xxx.yyy ) Si nslookup resolva "go.ro" adressul, aoleu nu ce poate!!! |
#7
Posted 06 December 2017 - 20:47
ok.
Merge SSH access? Edited by jobist, 06 December 2017 - 20:48. |
#8
Posted 06 December 2017 - 21:03
da merge bine cu si fara "root" doar dupa ceva 5 minute root este blocat ;-), mersi!
|
#9
Posted 06 December 2017 - 21:14
Faci aşa: remote ssh-login cu someuser@ip-addr , apoi local ssh-login [email protected] ; poate nu mai face time-out la root
dolphs, on 06 decembrie 2017 - 20:46, said:
grrr " Edited by jobist, 06 December 2017 - 21:16. |
#10
Posted 06 December 2017 - 21:51
no I was refering root login works but I dont want root to be able to log in directly from the Internet so that has been taken care of ...
multumesc si seara placut! |
|
Anunturi
Bun venit pe Forumul Softpedia!
▶ 0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users