Jump to content

SUBIECTE NOI
« 1 / 5 »
RSS
Cum sa elimini urmele de acnee?

Wc Geberit

Routere detinute in trecut si in ...

Teii din fața casei
 E-Mail in serie prin Excel si Out...

Modul alimentare rulou/jaluzea ex...

Recuperare fișiere dupa form...

Aplicatii stress test RAM
 Asigurare auto hibrid

Asus B550M - PC-ul nu porneste di...

Tzanca Uraganu - Inconjurat de Fe...

explicatie montaj breadboard
 3 Doors Down - Kryptonite

Semnalizati cand virati pe un dru...

Succesiune - mostenire apartament...

Donez Siofor de 1000mg ( diabet t...
 

portforwarding on Huawei HG8245H ONT

* * * - - 2 votes
  • Please log in to reply
9 replies to this topic

#1
dolphs

dolphs

    Junior Member

  • Grup: Members
  • Posts: 33
  • Înscris: 04.04.2013
Salut,


I am trying to set up port forwarding on RCSRDS network,
but seem to miss a step as I am unable to establish an SSH session from the Internet to the SSH-server.

First thing I did was creating a static route for the SSH server I want to use port forwarding to.
Also checked both IP address the ONT reports and IP address known to the outside world, thus:

1/ IP addresses

IP address ONT
---
Status-> WAN Information:
---
IPv4 Information
Connection Status  IP Acquisition Mode  IP Address  Subnet Mask  MAC Address
Connected  PPPoE   100.101.xx.yyy 255.255.255.255 xx:xx:xx:xx:xx:xx

IP address Internet
---
root@sshserver:~# curl ipinfo.io/ip
86.120.yyy.zzz


2/ Verified forwarding rule
Forward Rules-> Port Mapping Configuration
Enable Port Mapping: [v]
WAN Name: 2_INTERNET_R_VID_201 (greyed out) Protocol: TCP
Start External Port: 3333 End External Port: 3333
Start Internal Port: 22  End Internal Port: 22
Start External Source Port:0 End External Source Port:0
Mapping Name: ssh  External Source IP Address:
Internal Host: 192.168.x.y [ mac-address ]


Tested " ssh some_user@IP-address -p3333 " using both addresses, but it does not seem to connect?
I assume I do not need to restart router and a simple "Apply" should be sufficient?

Last, but not least, the ssh server reacts to port 22 if I check from another station  ... ...

user@someserver:~$ telnet 192.168.xx.yy 22
Trying 192.168.xx.yy...
Connected to 192.168.xx.yy.
Escape character is '^]'.
SSH-2.0-dropbear_2014.66
▒▒ֈN0X▒_▒▒▒+▒▒▒[email protected],ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,[email protected],3des-ctr,aes256-ctr,aes128-cbc,3des-cbc,aes256-cbc,twofish256-cbc,twofish-cbc,twofish128-cbcgaes128-ctr,3des-ctr,aes256-ctr,aes128-cbc,3des-cbc,aes256-cbc,twofish256-cbc,twofish-cbc,twofish128-cbchmac-sha1-96,hmac-sha1,hmac-md5hmac-sha1-96,hmac-sha1,hmac-md5zlib,[email protected],nonezlib,[email protected],none▒ܪ:▒▒n


Mtmsc pt raspuns!

#2
stlk

stlk

    Spartan Officer

  • Grup: Senior Members
  • Posts: 6,434
  • Înscris: 15.07.2008

View Postdolphs, on 06 decembrie 2017 - 17:19, said:

Salut,


I am trying to set up port forwarding on RCSRDS network,
but seem to miss a step as I am unable to establish an SSH session from the Internet to the SSH-server.

First thing I did was creating a static route for the SSH server I want to use port forwarding to.
Also checked both IP address the ONT reports and IP address known to the outside world, thus:
...
Mtmsc pt raspuns!
You are not romanian? Do you speak romanian?
Nu de alta dar un strain nu scrie prescurat "pt" (

Quote

Mtmsc pt raspuns!
)

Edited by stlk, 06 December 2017 - 18:34.


#3
dolphs

dolphs

    Junior Member

  • Grup: Members
  • Posts: 33
  • Înscris: 04.04.2013
seara buna ... Uhm eu?
Hah inteleg Romaneste, dar nu srciu bine !
Hai - mtmsc pt raspuns pe subiect port fowarding :-)

#4
jobist

jobist

    Senior Member

  • Grup: Senior Members
  • Posts: 2,746
  • Înscris: 23.04.2010
Dacă înţelegi româneşte e bine!

1. vrei port-forward de la wan-ip-addr:3333 la LAN-ip-addr:22
2. procedezi ca aici: https://portforward....huawei/hg8245h/
3. ar trebui ca după <Apply> să funcţioneze;
4. pentru acces din internet wan-ip-addr(external) ar trebui să fie static; dar, la RDS, PPPoE oferă ip-addr dinamic; soluţia este 5;
5. creezi un cont aici: https://digicare.rcs-rds.ro/ unde vei putea să configurezi <DNS Dinamic> de forma yourhostname.go.ro cu care vei putea accesa din internet conexiunea proprie indiferent ce wan-ip-addr ar avea; după configurare e necesar pppoe reconect sau <restart>.
6. LAN-server cu ssh trebuie să deţină permanent aceeaşi ip-addr(ex. 192.168.100.52)
7. by default ssh e configurat să nu accepte conectare cu user root;

Succes!

#5
dolphs

dolphs

    Junior Member

  • Grup: Members
  • Posts: 33
  • Înscris: 04.04.2013
@jobist - mersi

Idea is indeed to be able to access from outside ( Internet /3333 ) in to my LAN to SSH ( 22 ).

Found the instruction under 2/ also and applied lots of different settings already.
Meanwhile removed my rule and picked the Application " Secure Shell Server " to test.
Also inserted a Mapping name with proper Mac Address ( thus Internal host is the correct one ) and Applied these but " pacat, nu merge deloc "

Answer might be in "contul-meu", although I added a "go.ro" address yesterday it does not seem to resolve the DNS entry yet executing a 'nslookup'.
Therefore possibly I have to "restart"( reconnect ) the ONT to pick up this entry configured, will do that after this posting.

daca functioneaza, raport in limba romana! :-)

#6
dolphs

dolphs

    Junior Member

  • Grup: Members
  • Posts: 33
  • Înscris: 04.04.2013
grrr " ce pacat " dupa repornire functioneaza bine ...
Am vazut IP address este schimbat, acum este ceva : 5.12.xxx.yyyy ( a fost 100.101.xxx.yyy )
Si nslookup resolva "go.ro" adressul, aoleu nu ce poate!!!

#7
jobist

jobist

    Senior Member

  • Grup: Senior Members
  • Posts: 2,746
  • Înscris: 23.04.2010
ok.

Merge SSH access?

Edited by jobist, 06 December 2017 - 20:48.


#8
dolphs

dolphs

    Junior Member

  • Grup: Members
  • Posts: 33
  • Înscris: 04.04.2013
da merge bine cu si fara "root" doar dupa ceva 5 minute root este blocat ;-), mersi!

#9
jobist

jobist

    Senior Member

  • Grup: Senior Members
  • Posts: 2,746
  • Înscris: 23.04.2010
Faci aşa: remote ssh-login cu someuser@ip-addr , apoi local ssh-login [email protected] ; poate nu mai face time-out la root

View Postdolphs, on 06 decembrie 2017 - 20:46, said:

grrr " ce pacat " dupa repornire functioneaza bine ...
"Ce bine!" / "Surpriză plăcută!" / "Excelent!"

Edited by jobist, 06 December 2017 - 21:16.


#10
dolphs

dolphs

    Junior Member

  • Grup: Members
  • Posts: 33
  • Înscris: 04.04.2013
no I was refering root login works but I dont want root to be able to log in directly from the Internet so that has been taken care of ...


multumesc si seara placut! :)

Anunturi

Bun venit pe Forumul Softpedia!

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Forumul Softpedia foloseste "cookies" pentru a imbunatati experienta utilizatorilor Accept
Pentru detalii si optiuni legate de cookies si datele personale, consultati Politica de utilizare cookies si Politica de confidentialitate