TCLUG Archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [TCLUG:8149] ssh and NAT
ummm.. your ISP blocks 21, 22, and 23 on the outgoing?????? that's really
lame.. i would drop them in about 5 min
Thank You,
Ben Kochie (ben@nerp.net)
*-----------------------* [ - * - * - * - * - * - * - * - ]
| Unix/Linux Consulting | [ Haiku Error Message: ]
| PC/Mac Repair | [ Chaos reigns within. ]
| Networking | [ Reflect, repent, and reboot. ]
| http://nerp.net | [ Order shall return. ]
*-----------------------* [ - * - * - * - * - * - * - * - ]
"Unix is user friendly, Its just picky about its friends."
On Wed, 8 Sep 1999, Daniel M. Debertin wrote:
> Hello Unni --
> I am doing exactly the same thing. Assuming USWEST sets up their
> routers in bridging mode like my ISP does (very likely), You have two
> gotchas with ssh:
> 1. Your ISP may block that port or do something funny with it. Mine blocks
> 21, 22 and 23, for whatever reason, so I have to run ssh on a nonstandard
> port. This is probably not your problem, as you are at least able to get a
> connection.
> 2. Ssh tries to use priveleged ports first -- I think they start at 1000
> instead of the usual 1024. If you have some firewalling thrown in with
> that NAT, be sure you are allowing those ports through.
>
> It sounds to me like it could be a dhcp problem. You connect, communicate
> regularly for awhile, then USWEST changes your IP addy, and ssh is still
> using the old IP, which is now given to some poor fellow in Eagan or
> something. If this is the case, there is nothing you can do but find an
> ISP that allows you to have a static IP (MNInter.net does this. They are
> not too bad an ISP. I think real-time will do it for an extra couple
> bucks, too).
>
> Good luck --
> Dan Debertin
>
>
> On Wed, 8 Sep 1999, Unni Nambiar wrote:
>
> > Does anything special need to be done to get ssh working through NAT ?
> >
> > I've got my USWest DSL hooked up (finally !). I'm using the Cisco 675
> > external with DHCP server enabled. So eth0 on the linux box is configured
> > to get its ip address via dhcp. Also NAT is probably working in port
> > address translation mode, since the router negotiates just one wan address
> > from the isp (also uswest) which is also dynamic (dhcp) not static.
> >
> > Suddenly ssh is starting to misbehave. I'm able to log in to my sshd server
> > at work, but in a few minutes the whole connection freezes. Don't know
> > whats causing it. Sometimes it feels as though, if i keep typing something
> > the connection stays alive. But that assumption might not be correct. Also
> > i can only run one ssh session, the second one hangs. I don't think they've
> > done anything on the server side to restrict connections. In any case the
> > one connection should not freeze.
> >
> > I assume that ssh only encrypts the data part of the packet and leaves the
> > ip header alone. So theorectically NAT should have no effect.
> >
> > Any ideas ?
> >
> > Thanks.
> >
> > -Unni
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: tclug-list-unsubscribe@mn-linux.org
> > For additional commands, e-mail: tclug-list-help@mn-linux.org
> >
>
>
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tclug-list-unsubscribe@mn-linux.org
> For additional commands, e-mail: tclug-list-help@mn-linux.org
>