So at the suggestion of I forget who (but I’ll edit it in later), I used noip for a dyndns, and now, with that set up and port 22 opened on the firewall, I can’t log on to my server via ssh, and when I type the domain in a web browser it goes to my router’s page (also the remote access page). How do I remedy this? And in terms of the security, I have a 32 character password with lower & upper case letters along with numbers and symbols.
Use a tool like https://portchecker.co/ to check if the port is indeed open.
If your noIP says that it’s not open, check with your current WAN IP.
If they are both not open, but the firewall says that it definitely is, try using a different port to see if your ISP may be blocking it.
Personally I would not run anything like SSH on default port, as it just makes for annoying entries in logs due to automated scripts scanning IPs.
I would also look into the use of a shared key setup.
When I used port checker, ssh is showing up. Also gonna get on that shared key soon, but until then I’m just gonna use my long password.
What OS is the server?
Ubuntu, I installed their software for getting the IP on to it
I am going to presume SSH from the same subnet is working soooo…
Done anything with the firewall on the machine itself? (ufw)
Are you trying to connect to SSH from outside your network or from within? Because it sounds like you’re on your own network, hence why you’re seeing the router webui when connecting to the domain even though (presumably) you haven’t forwarded port 80. Try it on your phone or some other external connection.
So I just need to forward port 80? Alright. Tried the IP from the outside and nothing happens. So just enable http?
No you don’t want to forward port 80, if you’re seeing the router webui from outside your network then you’ve done something wrong.
If you tried to connect to your SSH server via your external IP from an external network then your port forward isn’t working. If you’re trying from inside your network then it won’t work unless you have NAT reflection enabled.
Try just the IP, or otherwise check that the domain is current. If it’s working at home, it’s unlikely to be a server-side issue and is something at the router/firewall.
Your NAT/firewall should be something like this:
anything incoming on port range of 22 send to device “ip of server” on port 22
So you may be missing something there if you are seeing that it’s open but still not working.
Is this all on one subnet?
You can run “tail -f /var/log/auth.log” on the server to watch for attempts/fails. If it’s not moving, it’s not seeing you; you’re not getting to the server.
Assuming you’re working from the same computer/connection, you can run the same command without -f to see the last 5 lines. Take note of the time and check to see if the server is seeing you.
It could be a white/black list that is denying you, but I really doubt that would be default, and you would see that in auth.log as connected but failed/denied.
can you post your internal firewall/nat settings?
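The auth.log check suggested in the post above, as an added example that is not part of the original thread: a shell function that classifies what sshd logged for one client address, so an empty result points at the port forward or NAT rather than at the server. The function names, the verdict labels and the sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): what did sshd log for one client IP?
# Usage: classify_ssh_reach LOGFILE CLIENT_IP   (hypothetical helper name)
classify_ssh_reach() {
    awk -v ip="$2" '
        $0 !~ /sshd\[[0-9]+\]:/ { next }          # ignore non-sshd lines
        {
            hit = 0                                # match the IP as a whole field,
            for (i = 1; i <= NF; i++)              # so 203.0.113.5 != 203.0.113.50
                if ($i == ip) hit = 1
            if (!hit) next
            seen++
        }
        /Accepted (password|publickey) for/ { accepted++ }
        /Failed password for/               { failed++ }
        /not allowed because/               { denied++ }
        END {
            if (!seen)         print "no-entries"      # never reached sshd: check port forward / NAT
            else if (denied)   print "denied"          # reached sshd, blocked by an allow/deny list
            else if (accepted) print "accepted"        # login worked from this address
            else if (failed)   print "auth-failed"     # reached sshd, credentials rejected
            else               print "connected-only"  # connection seen, no login completed
        }
    ' "$1"
}

# Constructed sample lines in Ubuntu auth.log style (documentation address ranges).
write_sample_log() {
    cat > "$1" <<'EOF'
Mar  3 10:01:12 server sshd[1201]: Failed password for invalid user admin from 198.51.100.7 port 40022 ssh2
Mar  3 10:02:40 server sshd[1210]: Accepted password for alice from 192.168.1.20 port 51514 ssh2
Mar  3 10:05:03 server sshd[1233]: User bob from 203.0.113.50 not allowed because not listed in AllowUsers
Mar  3 10:06:10 server sshd[1240]: Connection closed by 192.0.2.9 port 33100 [preauth]
Mar  3 10:07:00 server CRON[1300]: pam_unix(cron:session): session opened for user root
EOF
}

log=$(mktemp)
write_sample_log "$log"
for ip in 203.0.113.5 192.168.1.20 198.51.100.7; do
    printf '%s\t%s\n' "$ip" "$(classify_ssh_reach "$log" "$ip")"
done
rm -f "$log"
```

On the server itself, point the function at /var/log/auth.log and pass the public address you tested from.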
Opening a port and forwarding a port are 2 different things. It sounds like the OP has port 22 open, but is not forwarding it to the local IP of the server. So from outside your network, using your public IP, you are actually trying to SSH into the router/firewall. Basically you want all incoming connections from the outside world on port 22 to be forwarded to the private IP of your server. Also, do not forward port 80 or 443 as this will not allow you to view websites unless you are on the machine you forwarded the ports to. If you would like to manage your router remotely, you can open port 8080 which is usually the default HTTP management port on most routers. Might also have to enable remote management from within the router.
@kenkoda is spot on.
Port 80 is what you hit at a server. When the connection is being made, it picks a port at random via the local computer / NAT. The NAT then knows that all info coming back to this port is for the internal IP that opened it. That’s how you have more than one IP using http.
So for every http request, NAT opens a port and assigns it to the client that made it for the time; all packets coming back on that port are routed to the IP that opened it until it’s closed. Internal IPs are never part of the connection, but ports are temporarily assigned.
I’m sure this has a name, I don’t know it.
EDIT: I think the name is NAT lol
EDIT: maybe it’s UPNP? idk, I don’t care to look it up right now