Topic: Newbie, ssh & other ports

[Jonty]

Hi, I'm a newbie to SME-Server, but I was wondering if anyone can help with a small problem. I am trying to configure the server to allow me to use ssh and one or 2 other protocols from clients on my internal network to access machines on the internet. For instance I have a shell account on the internet and I want to securely access it from my workstation inside my network. Any help would be appreciated. Jonty.

[Dan Brown]

Nothing needs to be configured; this is allowed by default.

[Jonty]

Dan,

Having read the documentation I thought that this would be the default behaviour, but it's not. After some testing I have found that the connectivity I have got is very limited. From a client inside my network I have web access but no other access (ie only port 80). I can ssh to the server but not beyond. I cannot ping anything on the internet as the request times out (although it does resolve the DNS correctly). I can ping my external interface from the internet, but it is not receiving email or the webpage (they time out).

Any help with this would be appreciated. I have applied Update1 and 2 but I still have the same situation. I installed the server with default settings and everything is working fine. I can do admin from inside the network, and have successful test of connection to the internet.

Thanks,

Jonty

[Terry Brummell]

Sounds like either your ISP is blocking known ports below 1024 (ie: 80, 25, 23) or you've installed your server as "Private Gateway & Server".

[Jonty]

I have now tried switching the server to private server and gateway and then back to server and gateway to resolve this, but that hasn't worked. The situation is as follows:

1. From the server I can see the internet, ssh to internet servers, ping web servers etc.
2. None of the clients inside my network can do any of that except open web pages.

My server config in Server Manager says:

Review configuration
Networking Parameters
Server Mode servergateway
Local IP address / subnet mask 192.168.180.1/255.255.255.0
External IP address / subnet mask 81.86.196.240/255.255.255.0
Gateway 81.86.196.1
Additional local networks No additional networks defined
DHCP server enabled
Beginning of DHCP address range 192.168.180.65
End of DHCP address range 192.168.180.250

Why can't the client use ssh or other ports onto the internet?

Thanks for the help.

[Terry Brummell]

A trace route stops at 62.241.161.2.  Has this place ever had their own server before?  Sounds like the ISP is blocking ports.

[Jonty]

I agree that the trace route stops at 62.241.161.2, but I'm not sure its the ports being blocked. This server has been up before on that IP address.

I have had to manually create the Internet connection using third party drivers. This makes if difficult to configure the gateway. I think the problem is the gateway is setup to eth1 and my connection is on ppp0. Can anyone tell me how to change this in the configuration databases? I can find the ip addresses in 'configuration' but not the interface names.

Thanks.