Cannot connect to SSH remotely

Question

I am using Ubuntu 16.04 LTS on both my client and server computer. The server is running the OpenSSH-server software and I have no problem connecting to it locally. I cannot, however, connect to it remotely (with public IP).

I have forwarded ports to the server in question and I have disabled Ubuntus firewall. I also tried listening for different ports (1022 and 24444) with forwarding enabled without any success. The same error message keeps on showing: Network is unreachable.

What am I doing wrong?

ifconfig client

wlp2s0    Link encap:Ethernet  HWaddr f4:8c:50:ad:69:93  
      inet addr:192.168.38.107  Bcast:192.168.38.255  Mask:255.255.255.0
      inet6 addr: fe80::98db:f0f5:697f:6efc/64 Scope:Link
      UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
      RX packets:38317 errors:0 dropped:0 overruns:0 frame:0
      TX packets:28963 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:1000 
      RX bytes:30213501 (30.2 MB)  TX bytes:5871287 (5.8 MB)

ifconfig server

enp3s0    Link encap:Ethernet  HWaddr 1c:1b:0d:ff:19:35  
      inet addr:192.168.38.176  Bcast:192.168.38.255  Mask:255.255.255.0
      inet6 addr: fe80::bdef:8a38:24ec:7c6/64 Scope:Link
      UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
      RX packets:425268 errors:0 dropped:0 overruns:0 frame:0
      TX packets:209099 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:1000 
      RX bytes:160570677 (160.5 MB)  TX bytes:81972815 (81.9 MB)

Server is connected to Jensen 7000AC router via cable and client is connected to same router via Wifi.

please provide you network setup and the ip configuration from both server and client. — Gerald Schneider, Jan 02 '18 at 14:47
try `sudo netstat -natpe` and identify the port you should expect it to be listening to and the interface (if it's different from 0.0.0.0 you may have the service open to local only) `ss -tl` would be a good option replacing netstat that is deprecated — ignivs, Jan 02 '18 at 14:47
"I have disabled Ubuntus firewall" with public IPs? Do you plan to start over and build a new server when you figure out how to set up SSH? — Colt, Jan 02 '18 at 14:48
@ignivs `tcp 0 0 0.0.0.0:24444 0.0.0.0:* LISTEN 0 91797` for every port I have tried. — Dreuhn, Jan 02 '18 at 15:43
yes, but you seem to be "troubleshooting" _while_ connected to the Internet through a disabled firewall — Colt, Jan 02 '18 at 15:49
Running a server behind NAT can't be recommended. If you can't get a real internet connection where the server is I suggest you move it to a real hosting provider. — kasperd, Jan 02 '18 at 16:29
@kasperd - Sure, but the server is to be used by me and me alone. If I connect the server to the wall (giving the computer a unique IP) and try to connect using that IP, the same error message appears. — Dreuhn, Jan 02 '18 at 17:12
Am I reading this correctly, that you try to connect to your server through the public IP address of your router while both your server and your client are connected to the internal network of this router? — Gerald Schneider, Jan 02 '18 at 17:40
are you 100% sure the firewall is letting the service go? Try `sudo ufw status` and `sudo iptables -L` What you mean with the "I have forwarded ports to the server in question"? are you trying reaching the server from the client you mentioned or the outside of that network. Can you explicit your ssh or telnet command you are issuing to test? — ignivs, Jan 02 '18 at 20:21
Possible duplicate of [Loopback to forwarded Public IP address from local network - Hairpin NAT](https://serverfault.com/questions/55611/loopback-to-forwarded-public-ip-address-from-local-network-hairpin-nat) — kasperd, Jan 02 '18 at 21:24
@ignivs I am trying to reach the server from the client by connecting to the routers public IP. Port forward to forward the request to the server. — Dreuhn, Jan 03 '18 at 14:51
Because the external interface of your router is not reachable from the internal network. You'll have to test this from the outside. — Gerald Schneider, Jan 03 '18 at 14:51
Agree with @GeraldSchneider that there could be the issue, I guess the issue is in the forward, not in the ssh. Check the router logs, check if the port where you set ssh is open in the firewall (allow / drop / reject will occur before the port foward) — ignivs, Jan 03 '18 at 15:26
@GeraldSchneider - I am connecting using my client. My client connects to my ISP, then to my router which then routes it to my server. — Dreuhn, Jan 04 '18 at 01:38
@ignivs - As i said previous, it doesn't matter if I give the server a unique public IP - the problem stays! — Dreuhn, Jan 04 '18 at 01:38
@BjörnMosten There is still a lot unclear with the information you have given. Please provide your complete configuration, including a network diagram, IP addresses used, routing tables etc., everything needed to reproduce your problem. See [ask] in the help center. Also the commands you used to test the configuration, with the complete output. Every bit could be relevant. — Gerald Schneider, Jan 04 '18 at 07:11
Alright, here's a diagram: https://i.imgur.com/3UXtBK0.png I can connect when using the servers local IP. When connecting using the routers public IP, the connection from the client gets forwarded to the server by the router but for some reason, the server ignores the SSH connection attempt. — Dreuhn, Jan 18 '18 at 13:15

Dreuhn · Accepted Answer · 2018-12-18T11:17:38.687

0

The problem I had was caused by CGN, or carrier-grade NAT used by my ISP. I had to contact my ISP and ask for a public IP in order for it to work.

If you live in Sweden, pretty much every ISP require you to contact them in order for a public server to work.

edited Dec 18 '18 at 11:17

answered Dec 18 '18 at 10:58

Dreuhn

1
4

Cannot connect to SSH remotely

1 Answers1