1
At my university, we use the Eduroam wireless. It gives my Tablet 131.220.206.8 and my computer 131.220.202.17. I'd like to SSH to the Tablet, but I cannot connect to it.
How can I access computers in a different subnet? Or are they not visible to each other at all?
Martin Ueding
Posted 2013-04-08T09:23:25.960
Reputation: 1 857
4
There are many possible reasons to why your not able to make a connection between your two machines using SSH.
The university might not have a route between the two networks/subnets. In that case you will have to talk with the IT department of your university to find a solution if this is valid use. Note that often the IT department will on purpose do this to hinder users from being able to converse over the different subnets.
You can check if there is a route by trying the following: 1. ping your devices on both sides. 2. run traceroute on your IP and see where it stops.
Another reason that SSH might not work is that the IT department is blocking port 22 on their network. Forcing the SSH server to run on another port and connect to it using the new port might help.
You can check for this type of problem by using for example nmap and see which ports are open on the receiving host. If your SSH port does not appear to be open the router or gateway might be blocking the port.
AthomSfere mention that you should be able to SSH if you can ping the host. Often this is true but does not necessarily mean that it is true because they might be blocking SSH but not ping.
I hope this helps. Cheers.
Mogget
Posted 2013-04-08T09:23:25.960
Reputation: 1 186
Yep, your dead on. Not enough coffee gives lazy answers. +1 – Austin T French – 2013-04-08T11:27:52.893
1
The networks must have routes built between the two subnets. If the route exists, then you would access them by IP as though they were one network.
You can start by using PING from the tablet to your PC and see what happens. If it resolves then you should be able to SSH too.
Austin T French
Posted 2013-04-08T09:23:25.960
Reputation: 9 766
1
Actually, this most likely has nothing to do with routing. What is probably in place is wireless client isolation or wireless-to-wireless blocking.
This is a feature that is often implemented on wireless to provide increased security, especially on wireless networks where you will have diverse groups connecting over which you have little control over the devices connecting.
This often includes public hotspots, guest networks, and other wireless where multiple organizations conneect at the same time. As you mention, eduroam is a perfect example of a type of network where you will often find this feature enabled as it is desgined to allow users from any member univeristy to connect.
There is little you can do about this as most of the client isolation features function at L2. If you can, try connecting one of the devices to a wired network port as this will most likely then work. The only other alternative I can give is to set up a ad-hoc network between the two devices, but that would potentially have it's own side effects and drawbacks.
YLearn
Posted 2013-04-08T09:23:25.960
Reputation: 1 741
Sounds legit for the majority of use cases. I wrote them an email to see what is really going on. – Martin Ueding – 2013-04-08T19:56:39.013
It would be a good idea to speak to the IT department as they will have configured routing for the network. – Amicable – 2013-04-08T10:23:02.677