Hello,
I am not able to use ftp and ssh
on the lan.

Both the ports are open.

I have the lines on the rules file :

# Accept SSH connections from the local network for administration
#
ACCEPT loc fw tcp 22
#
# Accept ftp connections from the local network for administration
#
ACCEPT loc fw tcp 21

Thanks in advance

Varun
Well I generally attempt to verify a problem like this by using a machine on MY LAN and typing...

telnet mygate 22

and if it works (press enter twice) I get...

SSH-1.99-OpenSSH_3.9p1
Protocol mismatch.

Connection to host lost.

This tells me that the port is open and listening and that there is nothing preventing me from connecting to my firewall using ssh (except perhaps a ssh configuration entry). I imagine you have tried something similar? Have you also reviewed the logs on your firewall that shorewall generates? You may also seek 'good' help by following the support guide located at the bottom of your OP. I see none of this information included anywhere in your post...

Jeff

----- Original Message -----
From: <varun_saa@vsnl.net>
To: <shorewall-users@lists.shorewall.net>
Sent: Wednesday, March 30, 2005 6:27 AM
Subject: [Shorewall-users] ssh and ftp

> Hello,
> I am not able to use ftp and ssh
> on the lan.
>
> Both the ports are open.
>
> I have the lines on the rules file :
>
> # Accept SSH connections from the local network for administration
> #
> ACCEPT loc fw tcp 22
> #
> # Accept ftp connections from the local network for administration
> #
> ACCEPT loc fw tcp 21
>
> Thanks in advance
>
> Varun
>
> _______________________________________________
> Shorewall-users mailing list
> Post: Shorewall-users@lists.shorewall.net
> Subscribe/Unsubscribe: https://lists.shorewall.net/mailman/listinfo/shorewall-users
> Support: http://www.shorewall.net/support.htm
> FAQ: http://www.shorewall.net/FAQ.htm
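Added example (not part of the thread and not Shorewall code): the telnet check described in the reply above, scripted so that the outcomes a firewall rule can produce are told apart: a banner, a refused connection, or a timeout. The function names and the local stand-in listener are constructed for the demonstration; the banner string is the one quoted in the reply.

```python
import socket
import threading

def probe(host, port, timeout=3.0):
    """Attempt one TCP connection and classify the result as (state, detail)."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        # A reset came back: nothing is listening, or a rule REJECTs the packet.
        return ("refused", "connection reset by target")
    except socket.timeout:
        # No answer at all: typically a DROP rule or a routing problem.
        return ("timeout", "no reply within %.1fs" % timeout)
    except OSError as exc:
        return ("error", str(exc))
    with sock:
        sock.settimeout(timeout)
        try:
            data = sock.recv(256)  # SSH and FTP servers speak first
        except socket.timeout:
            return ("open", "connected, no banner sent")
        except OSError as exc:
            return ("error", str(exc))
    if not data:
        return ("closed", "accepted, then closed without a banner")
    return ("banner", data.decode("ascii", "replace").strip())

def start_listener(banner):
    """Constructed stand-in for a service: send `banner` to one client, then exit."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    port = srv.getsockname()[1]
    def serve():
        conn, _ = srv.accept()
        with conn:
            conn.sendall(banner)
        srv.close()
    threading.Thread(target=serve, daemon=True).start()
    return port

def unused_port():
    """Return a loopback port that was just released, so nothing listens on it."""
    with socket.socket() as s:
        s.bind(("127.0.0.1", 0))
        return s.getsockname()[1]

if __name__ == "__main__":
    print(probe("127.0.0.1", start_listener(b"SSH-1.99-OpenSSH_3.9p1\n")))
    print(probe("127.0.0.1", unused_port()))
```

Run against the firewall from a LAN host, a "refused" or "timeout" result on port 22 alongside a "banner" on port 21 separates a missing listener or a rule problem from a service that is reachable.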
Are you trying to ftp/ssh to your firewall? That is what those rules will permit. If so, you obviously need to have appropriate SSH / FTP servers running there.

Take a look at http://www.shorewall.net/troubleshoot.htm and if that doesn't help, please provide a little more information on what you are trying to accomplish. See http://www.shorewall.net/support.htm.

- Bob Coffman

-----Original Message-----
From: shorewall-users-bounces@lists.shorewall.net [mailto:shorewall-users-bounces@lists.shorewall.net] On Behalf Of varun_saa@vsnl.net
Sent: Wednesday, March 30, 2005 6:28 AM
To: shorewall-users@lists.shorewall.net
Subject: [Shorewall-users] ssh and ftp

Hello,
I am not able to use ftp and ssh
on the lan.

Both the ports are open.

I have the lines on the rules file :

# Accept SSH connections from the local network for administration
#
ACCEPT loc fw tcp 22
#
# Accept ftp connections from the local network for administration
#
ACCEPT loc fw tcp 21

Thanks in advance

Varun
----- Original Message -----
From: Jeff <jsoehner@the-techy.com>
Date: Wednesday, March 30, 2005 5:37 pm
Subject: Re: [Shorewall-users] ssh and ftp

> Well I generally attempt to verify a problem like this by using a
> machine on MY LAN and typing...
>
> telnet mygate 22
>
> and if it works (press enter twice) I get...
>
> SSH-1.99-OpenSSH_3.9p1
> Protocol mismatch.
>
> Connection to host lost.
>
> This tells me that the port is open and listening and that there is
> nothing preventing me from connecting to my firewall using ssh
> (except perhaps a ssh configuration entry). I imagine you have tried
> something similar? Have you also reviewed the logs on your firewall
> that shorewall generates? You may also seek 'good' help by following
> the support guide located at the bottom of your OP. I see none of
> this information included anywhere in your post...
>
> Jeff

I ran nmap on a client and server and in both cases
it showed that the port 21 and 22 were open.

Myserver is on Mandrake 10.1
eth0 as WAN with static IP connected to 512K DSL
eth1 is LAN

From the client I am able to telnet both port 21 and 22
over LAN to the myserver.

From the client and myserver I am able to :

telnet mygateway 21

From the client I am able to :

telnet myserver 22

Or

ssh myserver

But from the client or myserver I am not :

telnet mygateway 22

Any idea what is wrong ?

Thanks

Varun
> > Have you also reviewed the logs on your firewall that shorewall
> > generates? You may also seek 'good' help by following the support
> > guide located at the bottom of your OP. I see none of this
> > information included anywhere in your post...
> >
> > Jeff
>
> I ran nmap on a client and server and in both cases
> it showed that the port 21 and 22 were open.
>
> Myserver is on Mandrake 10.1
> eth0 as WAN with static IP connected to 512K DSL
> eth1 is LAN
>
> From the client I am able to telnet both port 21 and 22
> over LAN to the myserver.
>
> From the client and myserver I am able to :
>
> telnet mygateway 21
>
> From the client I am able to :
>
> telnet myserver 22
>
> Or
>
> ssh myserver
>
> But from the client or myserver I am not :
>
> telnet mygateway 22
>
> Any idea what is wrong ?
>
> Thanks
>
> Varun

As was just mentioned, if you want help debugging these kinds of problem, PLEASE follow the problem reporting guidelines as outlined in http://www.shorewall.net/support.htm#Guidelines.