Hello,
I am not able to use ftp and ssh
on the lan.
Both the port are open.
I have the lines on the rules file :
# Accept SSH connections from the local network for administration
#
ACCEPT loc fw tcp 22
#
# Accept ftp connections from the local network for administration
#
ACCEPT loc fw tcp 21
Thanks in advance
Varun
Well I generally attempt to verify a problem like this by using a machine on
MY LAN and typing...
telnet mygate 22
and if it works (press enter twice) I get...
SSH-1.99-OpenSSH_3.9p1
Protocol mismatch.
Connection to host lost.
This tells me that the port is open and listening and that there is nothing
preventing me from connecting to my firewall using ssh (except perhaps a ssh
configuration entry).I imagine you have tried something similar? Have you
also reviewed the logs on your firewall that shorewall generates? You may
also seek ''good'' help by following the support guide located
at the bottom
of your OP. I see none of this information included anywhere in your post...
Jeff
----- Original Message -----
From: <varun_saa@vsnl.net>
To: <shorewall-users@lists.shorewall.net>
Sent: Wednesday, March 30, 2005 6:27 AM
Subject: [Shorewall-users] ssh and ftp
> Hello,
> I am not able to use ftp and ssh
> on the lan.
>
> Both the port are open.
>
> I have the lines on the rules file :
>
> # Accept SSH connections from the local network for administration
> #
> ACCEPT loc fw tcp 22
> #
> # Accept ftp connections from the local network for administration
> #
> ACCEPT loc fw tcp 21
>
>
> Thanks in advance
>
> Varun
>
>
>
> _______________________________________________
> Shorewall-users mailing list
> Post: Shorewall-users@lists.shorewall.net
> Subscribe/Unsubscribe:
https://lists.shorewall.net/mailman/listinfo/shorewall-users> Support: http://www.shorewall.net/support.htm
> FAQ: http://www.shorewall.net/FAQ.htm
>
DISCLAIMER:
This message was sent from The-Techy.com.
Are you trying to ftp/ssh to your firewall? That is what those rules will
permit.
If so, you obviously need to have appropriate SSH / FTP servers running
there.
Take a look at http://www.shorewall.net/troubleshoot.htm and if that
doesn''t
help, please provide a little more information on what you are trying to
accomplish. See http://www.shorewall.net/support.htm.
- Bob Coffman
-----Original Message-----
From: shorewall-users-bounces@lists.shorewall.net
[mailto:shorewall-users-bounces@lists.shorewall.net]On Behalf Of
varun_saa@vsnl.net
Sent: Wednesday, March 30, 2005 6:28 AM
To: shorewall-users@lists.shorewall.net
Subject: [Shorewall-users] ssh and ftp
Hello,
I am not able to use ftp and ssh
on the lan.
Both the port are open.
I have the lines on the rules file :
# Accept SSH connections from the local network for administration
#
ACCEPT loc fw tcp 22
#
# Accept ftp connections from the local network for administration
#
ACCEPT loc fw tcp 21
Thanks in advance
Varun
_______________________________________________
Shorewall-users mailing list
Post: Shorewall-users@lists.shorewall.net
Subscribe/Unsubscribe:
https://lists.shorewall.net/mailman/listinfo/shorewall-users
Support: http://www.shorewall.net/support.htm
FAQ: http://www.shorewall.net/FAQ.htm
----- Original Message ----- From: Jeff <jsoehner@the-techy.com> Date: Wednesday, March 30, 2005 5:37 pm Subject: Re: [Shorewall-users] ssh and ftp> Well I generally attempt to verify a problem like this by using a > machine on > MY LAN and typing... > > telnet mygate 22 > > and if it works (press enter twice) I get... > > SSH-1.99-OpenSSH_3.9p1 > Protocol mismatch. > > > Connection to host lost. > > This tells me that the port is open and listening and that there is > nothingpreventing me from connecting to my firewall using ssh > (except perhaps a ssh > configuration entry).I imagine you have tried something similar? > Have you > also reviewed the logs on your firewall that shorewall generates? > You may > also seek ''good'' help by following the support guide located at the > bottomof your OP. I see none of this information included anywhere > in your post... > > Jeff > > I ran nmap on a client and server and in both casesit showed that the port 21 and 22 were open. Myserver is on Mandrake 10.1 eth0 as WAN with static IP connected to 512K DSL eth1 is LAN>From the client I am able to telnet both port 21 and 22over LAN to the myserver.>From the client and myserver I am able to :telnet mygateway 21>From the client I am able to :telnet myserver 22 Or ssh myserver But from the client or myserver I am not : telnet mygateway 22 Any idea what is wrong ? Thanks Varun
> > Have you > > also reviewed the logs on your firewall that shorewall generates? > > You may > > also seek ''good'' help by following the support guide located at the > > bottomof your OP. I see none of this information included anywhere > > in your post... > > > > Jeff > > > > I ran nmap on a client and server and in both cases > it showed that the port 21 and 22 were open. > > Myserver is on Mandrake 10.1 > eth0 as WAN with static IP connected to 512K DSL > eth1 is LAN > > >From the client I am able to telnet both port 21 and 22 > over LAN to the myserver. > > >From the client and myserver I am able to : > > telnet mygateway 21 > > >From the client I am able to : > > telnet myserver 22 > > Or > > ssh myserver > > But from the client or myserver I am not : > > telnet mygateway 22 > > Any idea what is wrong ? > > Thanks > > VarunAs was just mentioned, if you want help debugging these kinds of problem, PLEASE follow the problem reporting guidelines as outlined in http://www.shorewall.net/support.htm#Guidelines.