0

I'm having a hell of a time configuring a Cisco 837. All I want is to set it up to forward port 22 to an internal IP. I've got that going, so I can ssh into the internal server. However, if I try to ssh from the internal server into my external IP address, I somehow end up at the login for the router itself.

me@remote$ ssh user@mydomain.com
user@mydomain.com's password:
# Log in successfully
me@local$ ssh user@mydomain.com
*******************************************
*         Default router banner           *
*******************************************
Password:

What's going on here? I know I can run ssh on a different port on the internal server to get around this issue, but why is it happening?

More info - I also have a port forwarded to a local webserver. Accessing it remotely works as expected - I get mydomain.com/index.html. Accessing it locally goes to the router's web login. If I execute 'no ip http server' then try to connect, I get 'Failed to Connect'.

stickmangumby
  • 526
  • 2
  • 5
  • 11

1 Answers1

1

You're seeing two different things here. Your router is answering for SSH because you have it enabled. Change the router's SSH port to something else with:

no ip ssh port 22
ip ssh port 10022

Use whatever port number you want in place of 10022.

The "forwarded port" re: the web server and "accessing locally" is a different thing entirely. When you're on the LAN attempting to access the external-side IP address of the router your packets ingress on an interface that's not subject to NAT.

Evan Anderson
  • 141,071
  • 19
  • 191
  • 328
  • Thanks for the reply Evan. I don't really understand what's happening with the LAN-side access as in all my other experiences it works as desired. Is it possible to set it up to do this? – stickmangumby Aug 11 '09 at 00:14