Join Log in
Score:0
x60id avatar Ubuntu

SSH can't be connected over Public IP but port already opened

gm flag
x60id

Server: Ubuntu 22.04 LTS

SSH can be accessed by:

  1. server using localhost ssh user@localhost
  2. server using private IP ssh user@192.168.1.13
  3. client (android) in LAN using private IP ssh user@192.168.1.13
  4. client (android) outside LAN using public IP ssh user@180.x.x.x

SSH can't be accessed by:

  1. client (windows 10) in LAN using private IP ssh user@192.168.1.13
  2. server using public IP ssh user@180.x.x.x
  3. client (android) in LAN using public IP ssh user@180.x.x.x
  4. client (android) outside LAN using public IP ssh user@180.x.x.x

Port-related configuration

  1. Firewall sudo ufw enable and sudo ufw allow ssh
  2. Router port forwarding
  3. Default sshd_config

Verify Port 22 Opened

  1. sudo ufw status
  2. YouGetSignal Port Forwarding Tester
  3. PortCheckTool

Note

Client (windows 10) in LAN can't connect to server SSH, even though client (android) in LAN can. It may or may not related, but my intention is to make server SSH accessible from any device over the internet.

user@comp:~$ ssh -vv user@180.x.x.x
OpenSSH_8.9p1 Ubuntu-3, OpenSSL 3.0.2 15 Mar 2022
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug2: resolve_canonicalize: hostname 180.x.x.x is address
debug1: Connecting to 180.x.x.x [180.x.x.x] port 22.

ssh -vv user@180.x.x.x gives same result as ssh -vv user@otherRandomIP, even port 22 has been verified by tools in Verify Port 22 Opened as open.

Problem: LAN devices can only connect server with private IP but can't connect with public IP. WAN device can connect server with public IP.

188
1 + 4
ssh
cn flag
Ray
I can't explain the Windows 10 situation with the LAN. I think there's something more going on and it might be on the Windows side. I guess you're using PuTTy or something similar? As for the public IP, I wouldn't bother (yet) about the port/firewall configuration on the server. Check your router. Is it performing port forwarding correctly? Unless your server has two network cards (it doesn't, right?), `180.x.x.x` doesn't matter...it is the router that maps that to `192.168.1.13`. (Oh!! Check `ufw` that you are accepting connections from everywhere on port 22...don't open just to LAN.)
0
Reply
x60id avatar
gm flag
x60id
Windows using PowerShell (Admin). I'm pretty sure for my router setting and ufw by 3 tools I stated on 'Verify Port 22 Opened'. I can validate them by on-off router setting and allow-reset ufw ssh while checking port using those websites, and yes, it maps to my server private IP and status said ```ALLOW``` and ```Anywhere``` for both port 22 (v4 and v6).
0
Reply
cn flag
Ray
I wasn't aware that Windows PowerShell has an `ssh` command. As for `180.x.x.x`, presumably, this is the IP address of your router, right? And when your router sees data coming in at port 22 (or whatever port you want), it then forwards it to `192.168.1.13`, port 22. `180.x.x.x` can't be the IP address of your server because that isn't visible to the outside world. At the moment, I don't think you have a problem with port 22; if you did, then you LAN-based test would have failed. So far, I think it is the mapping of your `180.x.x.x` IP address to LAN.
0
Reply
x60id avatar
gm flag
x60id
Yes, it has in default, at least for my Windows 10. As for the problem, it's my LAN devices can't connect to my public IP but my WAN device can.
0
Reply
Score:0
x60id avatar Ubuntu
gm flag
x60id

This has nothing to do with SSH. If WAN device can access, then it works fine.

Thank you A1 Computers for figuring out my problem.

At first, I thought it was SSH setting even after some discussions in comment. Later, I have similiar problem after hosting web. Its domain can't be accessed by local devices, but it works on WAN device.

I found hairpin NAT or NAT loopback as solution. Unfortunately, my router doesn't seem to have it. Eventhough, this won't be a problem for SSH connection.

+ 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.