Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




77 posts

Master Geek
+1 received by user: 2


Topic # 85067 13-Jun-2011 08:47
Send private message

Hi

I have a Nokia M1122 ADSL modem.   Sitting behind the modem is a firewall appliance (IPCop).  The problem is that I can't set up ssh connections from out on the internet.  It should be as simple as opening up pin holes to forward ports through my modem and firewall, but I can't get it to work.

What I want to do is allow authorized ssh connections from the internet through the modem and through the firewall. The ssh ports are not standard (12345 and 2220).  I want one connection (2220) to go to the firewall, and the other (12345) to go to a PC on my network with a static address. No matter what I have tried, I don't seem to be able to break through the modem.  When I try to ssh in from the internet, I get "connection refused". 

It appears that the modem is blocking ssh connection attempts.  The modem is setup on Telecom.  I use dyndns to get the telecom IP.  On my side of the network, all IP addresses are static.  I don't need the modem firewall features so I have tried turning off NAPT, but then I can't connect out to the internet.  I have ticked all the "bridge" boxes.  I have tried setting up pinholes through the NAPT page, but my firewall doesn't record any successful hits.   Stateful Packet Inspection is disabled.

I have the firewall set up to forward the 12345 port onto the internal PC.

Has anyone successfully set up a Nokia M1122 to allow external ssh connections to pass through???
If so, how is it set up?

Dazz

Create new topic
568 posts

Ultimate Geek
+1 received by user: 73


  Reply # 480523 13-Jun-2011 09:25
Send private message

I just tried it here and it appears to work fine:



Nokia M1122 with an Untangle box behind it.



77 posts

Master Geek
+1 received by user: 2


  Reply # 480545 13-Jun-2011 10:14
Send private message

Hi

I have the same equivalent entrys for my setup. 
Tonight, I will post some screen shots of some other parts of the setup to see if they are the same/different.

Dazz

 
 
 
 


3094 posts

Uber Geek
+1 received by user: 510

Trusted

  Reply # 480812 13-Jun-2011 23:33
Send private message

I dont have an answer, other than maybe try a modem with ppp extension or half bridge mode, and that way your wan port on the ipcop pc will be the direct internet connection without any double natting.

But the thing i did want to say is
WOW i didnt know those things still functioned.




Ray Taylor
Taylor Broadband (rural hawkes bay)
www.ruralkiwi.com

There is no place like localhost
For my general guide to extending your wireless network Click Here






77 posts

Master Geek
+1 received by user: 2


  Reply # 481152 14-Jun-2011 19:20
Send private message

Hi

Yea, its an oldy but a goody.  It just goes and goes.  I have a Netgear modem, but no reason to change.  It still NATS the traffic.

I have managed to get the port through to the red interface to my firewall.  I just need to try and get it inside my home network.  The modem bridging works.  The firewall sees the Jetstream IP address.

I never thought it would be so hard to break into my own network.

Dazz

Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

UFB connections pass 460,000
Posted 11-Dec-2017 11:26


The Warehouse Group to adopt IBM Cloud to support digital transformation
Posted 11-Dec-2017 11:22


Dimension Data peeks into digital business 2018
Posted 11-Dec-2017 10:55


2018 Cyber Security Predictions
Posted 7-Dec-2017 14:55


Global Govtech Accelerator to drive public sector innovation in Wellington
Posted 7-Dec-2017 11:21


Stuff Pix media strategy a new direction
Posted 7-Dec-2017 09:37


Digital transformation is dead
Posted 7-Dec-2017 09:31


Fake news and cyber security
Posted 7-Dec-2017 09:27


Dimension Data New Zealand strengthens cybersecurity practice
Posted 5-Dec-2017 20:27


Epson NZ launches new Expression Premium Photo range
Posted 5-Dec-2017 20:26


Eventbrite and Twickets launch integration partnership in Australia and New Zealand
Posted 5-Dec-2017 20:23


New Fujifilm macro lens lands in New Zealand
Posted 5-Dec-2017 20:16


Cyber security not being taken seriously enough
Posted 5-Dec-2017 20:13


Sony commences Android 8.0 Oreo rollout in New Zealand
Posted 5-Dec-2017 20:08


Revera partners with Nyriad to deliver blockchain pilot to NZ Government
Posted 5-Dec-2017 20:01



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.