Reply With QuoteWhat is connected to the other end of your wan cable? A modem/adsl router, or anything else that can handle port forwarding and NAT?
If there is another device, you need to forward the port there (as opposed to opening port 22 on the wl-700ge)
Senior Member
can somebody please tell me how the settings are to connect from wan to dropbear? because i have tried some things, but it doesn't helped. (in lan everything works fine...)
am i wrong when i open the port 22 in the virtual server?
Port Range: 22
Local Ip 192.168.1.1
Local Port: empty
Protocol: TCP
thanks
grat182
Last edited by gratitude182; 19-01-2007 at 20:38.
Senior Member
What is connected to the other end of your wan cable? A modem/adsl router, or anything else that can handle port forwarding and NAT?
If there is another device, you need to forward the port there (as opposed to opening port 22 on the wl-700ge)
Forum Guru
My router's WAN port is directly connected to my ISP. I put port 22 in both port entries. I confirmed the settings manually with the following iptables command. If your setup is like mine, you should see something similar to the following:
[root@WL700gE ~]$ iptables -t nat --list | grep ssh
DNAT tcp -- anywhere your.hostname dpt:ssh to:192.168.1.1:22
[root@WL700gE ~]$ iptables --list | grep ssh
ACCEPT tcp -- anywhere 192.168.1.1 tcp dpt:ssh
- K.C.
Senior Member
thanks for the answers.
the modem (cabel) doesn't have a firewall or block something.
where do i see the iptables? do i have to install something?
i know it's a stupid question but i have only less linux knowledge :-(
i hope that somebody could help :-)
thanks
grat182
Senior Member
or shall i do that aslike is there written:
http://www.sprayfly.com/wiki/SSH_Guide
?
thanks
grat182
Junior Member
You can open port 22 in Asus WEB-GUI - this is probably the easiest way that will also work after you restard the router.Originally Posted by gratitude182
- or your can open it manually by e.g.
For more complex solution please see http://wl700g.info/showthread.php?t=...light=iptablesCode:iptables -I INPUT 7 -p tcp --dport 22 -j ACCEPT
Junior Member
K.C.,
is there a special reason to have it in nat table in addition to input?
Thanks & Rgds
Senior Member
@ dolphine
is this right how i opened it in the asus web-gui?
advanced --> nat --> virtual server
Port Range: 22
Local Ip 192.168.1.1
Local Port: empty
Protocol: TCP
?
grat182
PS: but this doesn't work... also not after reboot :-(
Junior Member
I think that local prot should be 22 as well. Port range specifies the range of port on external (WAN) interface that are forwardded to local ip and local port. Therefore both ports shoudl be 22. The external port does not have to be 22.
Does it help?
Senior Member
thanks for your help dolphine.
i have changed the settings without success.
Port Range: 22
Local Ip 192.168.1.1
Local Port: 22
Protocol: TCP
when i connect local with the 192.168.1.1 everything works fine and when i turn of the fw it works also from wan (then it must be the firewall)
in the syslog i get following error:
Jan 21 21:46:38 dropbear[576]: Child connection from 91.*.*.*:2342
Jan 21 21:46:38 dropbear[576]: exit before auth: Failed to get remote version
could anybody help?
grat182
Last edited by gratitude182; 21-01-2007 at 21:08.
Senior Member
could somebody tell me why i don't have the iptables command? (or what do i wrong)?
[~]$ iptables
bash: iptables: command not found
i'm logged in as root
thanks
grat182
Last edited by gratitude182; 21-01-2007 at 23:18.
Senior Member
i had got problems with the paths! now it works...
thanks for help
grat182
Forum Guru
Since the destination IP is non-routable, it has to be nat'd in order to get packets in and response packets back out to the WAN.
- K.C.
Senior Member
kfurge, have you wrote that then into the rc.local?
thanks
grat182
Forum Guru
No. I did everything through the DMZ section of the web interface. The commands I showed were just a succinct way of confirming the tables contained the entries I exected.
No rc.local juggling was necessary for my setup.
- K.C.
Posting Permissions