Jump to content

SUBIECTE NOI
« 1 / 5 »
RSS
cerinta:scrieti programul C++

Scrisoare deschisa Ecaterina Andr...

X persoane apreciaza pagina Y

Durere dupa scoaterea nervului
 Ecaterina Andronescu, primul atac...

Digi 1000 Mbps

Specialisti in Drept Penal: PSD i...

Internet personal vs business
 Top 10 universitati din lume

Nebun sau erou?

Austroglass Parbrize EVITATI!

USR propune ca jandarmii sa poart...
 Ardere ISO cu propriu tau distro

sfat achizitie binoclu planetar

Sfanta Matrona cea oarba, de la M...

Hide external link
 

portforwarding on Huawei HG8245H ONT

* * * - - 2 votes
  • Please log in to reply
9 replies to this topic

#1
dolphs

dolphs

    Junior

  • Grup: Members
  • Posts: 20
  • Înscris: 04.04.2013
Salut,


I am trying to set up port forwarding on RCSRDS network,
but seem to miss a step as I am unable to establish an SSH session from the Internet to the SSH-server.

First thing I did was creating a static route for the SSH server I want to use port forwarding to.
Also checked both IP address the ONT reports and IP address known to the outside world, thus:

1/ IP addresses

IP address ONT
---
Status-> WAN Information:
---
IPv4 Information
Connection Status  IP Acquisition Mode  IP Address  Subnet Mask  MAC Address
Connected  PPPoE   100.101.xx.yyy 255.255.255.255 xx:xx:xx:xx:xx:xx

IP address Internet
---
root@sshserver:~# curl ipinfo.io/ip
86.120.yyy.zzz


2/ Verified forwarding rule
Forward Rules-> Port Mapping Configuration
Enable Port Mapping: [v]
WAN Name: 2_INTERNET_R_VID_201 (greyed out) Protocol: TCP
Start External Port: 3333 End External Port: 3333
Start Internal Port: 22  End Internal Port: 22
Start External Source Port:0 End External Source Port:0
Mapping Name: ssh  External Source IP Address:
Internal Host: 192.168.x.y [ mac-address ]


Tested " ssh some_user@IP-address -p3333 " using both addresses, but it does not seem to connect?
I assume I do not need to restart router and a simple "Apply" should be sufficient?

Last, but not least, the ssh server reacts to port 22 if I check from another station  ... ...

user@someserver:~$ telnet 192.168.xx.yy 22
Trying 192.168.xx.yy...
Connected to 192.168.xx.yy.
Escape character is '^]'.
SSH-2.0-dropbear_2014.66
▒▒ֈN0X▒_▒▒▒+▒▒▒curve25519-sha256@libssh.org,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,kexguess2@matt.ucc.asn.aussh-rsagaes128-ctr,3des-ctr,aes256-ctr,aes128-cbc,3des-cbc,aes256-cbc,twofish256-cbc,twofish-cbc,twofish128-cbcgaes128-ctr,3des-ctr,aes256-ctr,aes128-cbc,3des-cbc,aes256-cbc,twofish256-cbc,twofish-cbc,twofish128-cbchmac-sha1-96,hmac-sha1,hmac-md5hmac-sha1-96,hmac-sha1,hmac-md5zlib,zlib@openssh.com,nonezlib,zlib@openssh.com,none▒ܪ:▒▒n


Mtmsc pt raspuns!

#2
stlk

stlk

    Spartan Officer

  • Grup: Senior Members
  • Posts: 4,910
  • Înscris: 15.07.2008

View Postdolphs, on 06 decembrie 2017 - 17:19, said:

Salut,


I am trying to set up port forwarding on RCSRDS network,
but seem to miss a step as I am unable to establish an SSH session from the Internet to the SSH-server.

First thing I did was creating a static route for the SSH server I want to use port forwarding to.
Also checked both IP address the ONT reports and IP address known to the outside world, thus:
...
Mtmsc pt raspuns!
You are not romanian? Do you speak romanian?
Nu de alta dar un strain nu scrie prescurat "pt" (

Quote

Mtmsc pt raspuns!
)

Edited by stlk, 06 December 2017 - 18:34.


#3
dolphs

dolphs

    Junior

  • Grup: Members
  • Posts: 20
  • Înscris: 04.04.2013
seara buna ... Uhm eu?
Hah inteleg Romaneste, dar nu srciu bine !
Hai - mtmsc pt raspuns pe subiect port fowarding :-)

#4
jobist

jobist

    Active Member

  • Grup: Members
  • Posts: 1,443
  • Înscris: 23.04.2010
Dacă înţelegi româneşte e bine!

1. vrei port-forward de la wan-ip-addr:3333 la LAN-ip-addr:22
2. procedezi ca aici: https://portforward....huawei/hg8245h/
3. ar trebui ca după <Apply> să funcţioneze;
4. pentru acces din internet wan-ip-addr(external) ar trebui să fie static; dar, la RDS, PPPoE oferă ip-addr dinamic; soluţia este 5;
5. creezi un cont aici: https://digicare.rcs-rds.ro/ unde vei putea să configurezi <DNS Dinamic> de forma yourhostname.go.ro cu care vei putea accesa din internet conexiunea proprie indiferent ce wan-ip-addr ar avea; după configurare e necesar pppoe reconect sau <restart>.
6. LAN-server cu ssh trebuie să deţină permanent aceeaşi ip-addr(ex. 192.168.100.52)
7. by default ssh e configurat să nu accepte conectare cu user root;

Succes!

#5
dolphs

dolphs

    Junior

  • Grup: Members
  • Posts: 20
  • Înscris: 04.04.2013
@jobist - mersi

Idea is indeed to be able to access from outside ( Internet /3333 ) in to my LAN to SSH ( 22 ).

Found the instruction under 2/ also and applied lots of different settings already.
Meanwhile removed my rule and picked the Application " Secure Shell Server " to test.
Also inserted a Mapping name with proper Mac Address ( thus Internal host is the correct one ) and Applied these but " pacat, nu merge deloc "

Answer might be in "contul-meu", although I added a "go.ro" address yesterday it does not seem to resolve the DNS entry yet executing a 'nslookup'.
Therefore possibly I have to "restart"( reconnect ) the ONT to pick up this entry configured, will do that after this posting.

daca functioneaza, raport in limba romana! :-)

#6
dolphs

dolphs

    Junior

  • Grup: Members
  • Posts: 20
  • Înscris: 04.04.2013
grrr " ce pacat " dupa repornire functioneaza bine ...
Am vazut IP address este schimbat, acum este ceva : 5.12.xxx.yyyy ( a fost 100.101.xxx.yyy )
Si nslookup resolva "go.ro" adressul, aoleu nu ce poate!!!

#7
jobist

jobist

    Active Member

  • Grup: Members
  • Posts: 1,443
  • Înscris: 23.04.2010
ok.

Merge SSH access?

Edited by jobist, 06 December 2017 - 20:48.


#8
dolphs

dolphs

    Junior

  • Grup: Members
  • Posts: 20
  • Înscris: 04.04.2013
da merge bine cu si fara "root" doar dupa ceva 5 minute root este blocat ;-), mersi!

#9
jobist

jobist

    Active Member

  • Grup: Members
  • Posts: 1,443
  • Înscris: 23.04.2010
Faci aşa: remote ssh-login cu someuser@ip-addr , apoi local ssh-login root@127.0.0.1 ; poate nu mai face time-out la root

View Postdolphs, on 06 decembrie 2017 - 20:46, said:

grrr " ce pacat " dupa repornire functioneaza bine ...
"Ce bine!" / "Surpriză plăcută!" / "Excelent!"

Edited by jobist, 06 December 2017 - 21:16.


#10
dolphs

dolphs

    Junior

  • Grup: Members
  • Posts: 20
  • Înscris: 04.04.2013
no I was refering root login works but I dont want root to be able to log in directly from the Internet so that has been taken care of ...


multumesc si seara placut! :)

Anunturi


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Forumul Softpedia foloseste "cookies" pentru a imbunatati experienta utilizatorilor Accept
Pentru detalii si optiuni legate de cookies si datele personale, consultati Politica de utilizare cookies si Politica de confidentialitate