openwrt no ssh from wan












2















I would like to have access from wan through ssh to my openwrt router. I did the following:




  • Go to the Network / Firewall / Traffic Rules.

  • Scroll down to the “Open ports on router” section.

  • Enter a name for this rule, e.g. “Allow-SSH-WAN”.

  • Set “Protocol” to “TCP”.

  • Enter “22” as the “External Port”.

  • Click “Add”.

  • Click “Save and Apply”.


Unfortunately ssh root@myWANip does not answer.
What did I miss?






openwrt







share|improve this question
















bumped to the homepage by Community 14 mins ago


This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
















  • from inside the routers NAT? Not supported (I think it's possible if you get fancy with iptables rules, but my OpenWrt CC doesn't implement it).

    – sourcejedi
    May 15 '17 at 7:27













  • i am looking for ssh from a different network to my openwrt through the WAN. not inside the routers NAT.

    – john
    May 15 '17 at 13:09











  • ok. client is Linux? you should try running sudo traceroute -T -p 22 myWANip. It might show whether there is another nasty firewall in the way or you have a clear path right up to the router using port 22.

    – sourcejedi
    May 15 '17 at 14:39











  • also, it would be clearer if you give a specific on "does not answer". I assume you get "connection refused". If instead it just hangs, I'd want to look at ssh -v or so to confirm where the hang happens.

    – sourcejedi
    May 15 '17 at 14:43
















2















I would like to have access from wan through ssh to my openwrt router. I did the following:




  • Go to the Network / Firewall / Traffic Rules.

  • Scroll down to the “Open ports on router” section.

  • Enter a name for this rule, e.g. “Allow-SSH-WAN”.

  • Set “Protocol” to “TCP”.

  • Enter “22” as the “External Port”.

  • Click “Add”.

  • Click “Save and Apply”.


Unfortunately ssh root@myWANip does not answer.
What did I miss?






openwrt







share|improve this question
















bumped to the homepage by Community 14 mins ago


This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
















  • from inside the routers NAT? Not supported (I think it's possible if you get fancy with iptables rules, but my OpenWrt CC doesn't implement it).

    – sourcejedi
    May 15 '17 at 7:27













  • i am looking for ssh from a different network to my openwrt through the WAN. not inside the routers NAT.

    – john
    May 15 '17 at 13:09











  • ok. client is Linux? you should try running sudo traceroute -T -p 22 myWANip. It might show whether there is another nasty firewall in the way or you have a clear path right up to the router using port 22.

    – sourcejedi
    May 15 '17 at 14:39











  • also, it would be clearer if you give a specific on "does not answer". I assume you get "connection refused". If instead it just hangs, I'd want to look at ssh -v or so to confirm where the hang happens.

    – sourcejedi
    May 15 '17 at 14:43














2












2








2


1






I would like to have access from wan through ssh to my openwrt router. I did the following:




  • Go to the Network / Firewall / Traffic Rules.

  • Scroll down to the “Open ports on router” section.

  • Enter a name for this rule, e.g. “Allow-SSH-WAN”.

  • Set “Protocol” to “TCP”.

  • Enter “22” as the “External Port”.

  • Click “Add”.

  • Click “Save and Apply”.


Unfortunately ssh root@myWANip does not answer.
What did I miss?






openwrt







share|improve this question
















I would like to have access from wan through ssh to my openwrt router. I did the following:




  • Go to the Network / Firewall / Traffic Rules.

  • Scroll down to the “Open ports on router” section.

  • Enter a name for this rule, e.g. “Allow-SSH-WAN”.

  • Set “Protocol” to “TCP”.

  • Enter “22” as the “External Port”.

  • Click “Add”.

  • Click “Save and Apply”.


Unfortunately ssh root@myWANip does not answer.
What did I miss?






openwrt




openwrt






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited May 15 '17 at 8:18









dr01

16.1k114972




16.1k114972










asked May 15 '17 at 7:12









johnjohn

667




667





bumped to the homepage by Community 14 mins ago


This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.







bumped to the homepage by Community 14 mins ago


This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.















  • from inside the routers NAT? Not supported (I think it's possible if you get fancy with iptables rules, but my OpenWrt CC doesn't implement it).

    – sourcejedi
    May 15 '17 at 7:27













  • i am looking for ssh from a different network to my openwrt through the WAN. not inside the routers NAT.

    – john
    May 15 '17 at 13:09











  • ok. client is Linux? you should try running sudo traceroute -T -p 22 myWANip. It might show whether there is another nasty firewall in the way or you have a clear path right up to the router using port 22.

    – sourcejedi
    May 15 '17 at 14:39











  • also, it would be clearer if you give a specific on "does not answer". I assume you get "connection refused". If instead it just hangs, I'd want to look at ssh -v or so to confirm where the hang happens.

    – sourcejedi
    May 15 '17 at 14:43



















  • from inside the routers NAT? Not supported (I think it's possible if you get fancy with iptables rules, but my OpenWrt CC doesn't implement it).

    – sourcejedi
    May 15 '17 at 7:27













  • i am looking for ssh from a different network to my openwrt through the WAN. not inside the routers NAT.

    – john
    May 15 '17 at 13:09











  • ok. client is Linux? you should try running sudo traceroute -T -p 22 myWANip. It might show whether there is another nasty firewall in the way or you have a clear path right up to the router using port 22.

    – sourcejedi
    May 15 '17 at 14:39











  • also, it would be clearer if you give a specific on "does not answer". I assume you get "connection refused". If instead it just hangs, I'd want to look at ssh -v or so to confirm where the hang happens.

    – sourcejedi
    May 15 '17 at 14:43

















from inside the routers NAT? Not supported (I think it's possible if you get fancy with iptables rules, but my OpenWrt CC doesn't implement it).

– sourcejedi
May 15 '17 at 7:27







from inside the routers NAT? Not supported (I think it's possible if you get fancy with iptables rules, but my OpenWrt CC doesn't implement it).

– sourcejedi
May 15 '17 at 7:27















i am looking for ssh from a different network to my openwrt through the WAN. not inside the routers NAT.

– john
May 15 '17 at 13:09





i am looking for ssh from a different network to my openwrt through the WAN. not inside the routers NAT.

– john
May 15 '17 at 13:09













ok. client is Linux? you should try running sudo traceroute -T -p 22 myWANip. It might show whether there is another nasty firewall in the way or you have a clear path right up to the router using port 22.

– sourcejedi
May 15 '17 at 14:39





ok. client is Linux? you should try running sudo traceroute -T -p 22 myWANip. It might show whether there is another nasty firewall in the way or you have a clear path right up to the router using port 22.

– sourcejedi
May 15 '17 at 14:39













also, it would be clearer if you give a specific on "does not answer". I assume you get "connection refused". If instead it just hangs, I'd want to look at ssh -v or so to confirm where the hang happens.

– sourcejedi
May 15 '17 at 14:43





also, it would be clearer if you give a specific on "does not answer". I assume you get "connection refused". If instead it just hangs, I'd want to look at ssh -v or so to confirm where the hang happens.

– sourcejedi
May 15 '17 at 14:43










1 Answer
1






active

oldest

votes


















0














I ran into this issue and in my case it was down to the fact that the default config on Openwrt has its LAN network interface network set to 192.168.1.X and if your local network also uses this address range then you can't talk to the router when you're plugged into the WAN interface. This is because the Openwrt box tries to send the packets back on its LAN interface when you're plugged into the WAN interface (also with a 192.168.1.X address), as the box thinks the LAN interface is the best one for sending packets to 192.168.1.X.



The way to fix it is to change IP network address (in LuCI: Network->Interfaces->LAN->Edit->IPv4 Address) assigned to the LAN interface so it's different from your local network address (e.g. use 192.168.0.X, 10.0.0.X) and then should be able to connect to ssh over the WAN interface - given you've done the Firewall setup you mentioned.






share|improve this answer























    Your Answer








    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "106"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: false,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: null,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f365099%2fopenwrt-no-ssh-from-wan%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    0














    I ran into this issue and in my case it was down to the fact that the default config on Openwrt has its LAN network interface network set to 192.168.1.X and if your local network also uses this address range then you can't talk to the router when you're plugged into the WAN interface. This is because the Openwrt box tries to send the packets back on its LAN interface when you're plugged into the WAN interface (also with a 192.168.1.X address), as the box thinks the LAN interface is the best one for sending packets to 192.168.1.X.



    The way to fix it is to change IP network address (in LuCI: Network->Interfaces->LAN->Edit->IPv4 Address) assigned to the LAN interface so it's different from your local network address (e.g. use 192.168.0.X, 10.0.0.X) and then should be able to connect to ssh over the WAN interface - given you've done the Firewall setup you mentioned.






    share|improve this answer




























      0














      I ran into this issue and in my case it was down to the fact that the default config on Openwrt has its LAN network interface network set to 192.168.1.X and if your local network also uses this address range then you can't talk to the router when you're plugged into the WAN interface. This is because the Openwrt box tries to send the packets back on its LAN interface when you're plugged into the WAN interface (also with a 192.168.1.X address), as the box thinks the LAN interface is the best one for sending packets to 192.168.1.X.



      The way to fix it is to change IP network address (in LuCI: Network->Interfaces->LAN->Edit->IPv4 Address) assigned to the LAN interface so it's different from your local network address (e.g. use 192.168.0.X, 10.0.0.X) and then should be able to connect to ssh over the WAN interface - given you've done the Firewall setup you mentioned.






      share|improve this answer


























        0












        0








        0







        I ran into this issue and in my case it was down to the fact that the default config on Openwrt has its LAN network interface network set to 192.168.1.X and if your local network also uses this address range then you can't talk to the router when you're plugged into the WAN interface. This is because the Openwrt box tries to send the packets back on its LAN interface when you're plugged into the WAN interface (also with a 192.168.1.X address), as the box thinks the LAN interface is the best one for sending packets to 192.168.1.X.



        The way to fix it is to change IP network address (in LuCI: Network->Interfaces->LAN->Edit->IPv4 Address) assigned to the LAN interface so it's different from your local network address (e.g. use 192.168.0.X, 10.0.0.X) and then should be able to connect to ssh over the WAN interface - given you've done the Firewall setup you mentioned.






        share|improve this answer













        I ran into this issue and in my case it was down to the fact that the default config on Openwrt has its LAN network interface network set to 192.168.1.X and if your local network also uses this address range then you can't talk to the router when you're plugged into the WAN interface. This is because the Openwrt box tries to send the packets back on its LAN interface when you're plugged into the WAN interface (also with a 192.168.1.X address), as the box thinks the LAN interface is the best one for sending packets to 192.168.1.X.



        The way to fix it is to change IP network address (in LuCI: Network->Interfaces->LAN->Edit->IPv4 Address) assigned to the LAN interface so it's different from your local network address (e.g. use 192.168.0.X, 10.0.0.X) and then should be able to connect to ssh over the WAN interface - given you've done the Firewall setup you mentioned.







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered Apr 10 '18 at 20:47









        PierzPierz

        22117




        22117






























            draft saved

            draft discarded




















































            Thanks for contributing an answer to Unix & Linux Stack Exchange!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f365099%2fopenwrt-no-ssh-from-wan%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            -

            Popular posts from this blog

            Loup dans la culture

            Image
            Loups sur une enluminure du Bestiaire d'Aberdeen Le loup est l'animal le plus emblématique de l'histoire de l'Eurasie, il était à l'honneur durant l'Antiquité chez la totalité des anciens peuples européens [ 1 ] . Sommaire 1 Le loup dans la mythologie 2 Les loups dans le folklore 2.1 L'évolution des mentalités 2.2 Le loup dans la psychanalyse 3 Le loup dans les œuvres culturelles 3.1 Le loup dans la littérature 3.1.1 Fables 3.1.2 Poésie 3.1.3 Romans 3.1.4 Littérature jeunesse 3.1.4.1 Quelques titres d'albums contemporains 3.1.5 Bande dessinée 3.2 Le loup à l'écran 3.2.1 Le cinéma et la télévision 3.2.2 Documentaires 3.2.3 Dessins animés 3.2.4 Jeux vidéo 3.3 Le loup en peinture et en sculpture 3.4 Le loup dans les œuvres musicales 4 Le loup et les noms propres 5 Bibliographie 6 Notes et références 7 Voir aussi 7.1 Articles connexes
            Read more

            How to solve the problem of ntp “Unable to contact time server” from KDE?

            Image
            1 0 I want to set date and time automatically but this error appears when I try to .. I'm using openSUSE, I tried different servers but it didn't work either, help please! It doesn't seem to be a network problem: $ ping pool.ntp.org 64 bytes from 41.78.128.17: icmp_seq=1 ttl=41 time=260 ms To the question of whether ntpd is installed and running: $ ps -C ntpd PID TTY TIME CMD i.e. there's no ntpd process running. $ rpm -qa | grep ntp yast2-ntp-client-3.1.12-1.7.noarch ntp-4.2.6p5-25.2.1.i586 Further information from the comments: $ sudo ntpdate pool.ntp.org 25 Sep 19:41:51 ntpdate[3162]: no server suitable for synchronization found networking kde opensuse ntp ntpd sh
            Read more

            ASUS Zenbook UX433/UX333 — Configure Touchpad-embedded numpad on Linux

            Image
            0 1 I have an ASUS Zenbook UX433,on which ASUS decided to innovate by embedding a Numpad inside the touchpad (see picture 1). Toggling between classic touchpad mode and numpad (also turns the touchpad LEDs on) can be done through the golden button in the top-right corner of the touchpad. However, on my Manjaro arch Linux config, this behavior does not work by default and I can only use the touchpad, no numpad. Has anyone been able to configure the numpad to work on Linux, or have any idea how this could be achieved? EDIT1: I have had a look at the official Windows drivers for the UX433FA TouchPad, but was not able to make anything of it. I tried installing them on Linux using tools like NDISWrapper, but they do not detect the TouchPad/Numpad hardware, and my understanding of drivers is too limited.
            Read more