PDA

Bekijk de volledige versie : remote access to WL-500G



pavelv2
15-06-2006, 02:24
Helo,
sorry about my english.
I have Asus WL-500G deluxe. Everything is ok, besides remote access.
I cannot access my router from internet (WAN) - i tried web access, telnet and ssh (putty). From my lan everything is ok (access by web, telnet or ssh).
The only way is to disable firewall (Internet firewall-basic config). But then itīs impossible to disable ping to WAN - relatively great problem for me.

So my question - is it normal, or itīs "firmware-bug"?
I would like to have firewall enabled, ping disabled and to have access to my router from everywhere (via SSH).

Note: I have the latest "Olegīs firmware (1.9.2.7-7e)

Than you very much,
Pavel

ega2002
15-06-2006, 07:46
To enable SSH access from outside you should add the following line to post-firewall:


iptables -i xxx -I INPUT -p tcp --dport 22 -j ACCEPT

where xxx is the interface through which you are connected to internet (for example ppp0)

If you understand Russian you may also read http://wl500g.info/showthread.php?t=4824

pavelv2
15-06-2006, 10:37
Thank you very much.

I have this line in /usr/local/sbin/post-firewall:

iptables -i vlan1 -I INPUT -p tcp --dport 22 -j ACCEPT

Still i cannot conect, there is this line in log:

Jun 15 11:22:47 kernel: DROP IN=vlan1 OUT= MAC=00:03:e2:5f:e3:55:00:30:b8:ca:04:33:08:00:45:0 2:00:30 SRC=222.222.222.222 DST=44.44.44.44 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=62140 DF PROTO=TCP SPT=1858 DPT=22 SEQ=1824245381 ACK=0 WINDOW=65535 RES=0x00 SYN URGP=0 OPT (020405B401010402)

(IP addresses i have changed)

pavelv2
15-06-2006, 11:22
Sorry, i had not file "post-firewall" marked like "executable"
Connection to SSH is OK now, thank you very much.