Netgear DG834G firewall rules

hostyle

I have a Netgear DG834G. I'm trying to figure out how to allow ssh access from outside through the firewall into a linux box on the inside?

Under "Firewall Rules" I've added an INBOUND rule for SSH, with ALLOW always and both LAN and WAN IPs of 192.168.0.5 (I wasn't too hot on having to add both, but you _must_ specify a LAN IP, and my machine is on the WAN, not the LAN). /etc/hosts.allow is temporary set to allow ssh access from ALL.

When running PuTTy or ssh from various machines on the big bad internet, the Netgear firewall logs says it has detected an SSH attempt and passed it onto 192.168.0.5, however /var/logs/auth.log on 192.168.0.5 doesn't mention anything about it. The lack of logs on 195.168.0.5 leads me to belive its a Netgear setup problem.

PS. Unfortunately I can't use the LAN as the Netgear is in my neighbours house and he's away.

Hugh_C

Originally posted by hostyle
I have a Netgear DG834G. I'm trying to figure out how to allow ssh access from outside through the firewall into a linux box on the inside?

Under "Firewall Rules" I've added an INBOUND rule for SSH, with ALLOW always and both LAN and WAN IPs of 192.168.0.5 (I wasn't too hot on having to add both, but you _must_ specify a LAN IP, and my machine is on the WAN, not the LAN). /etc/hosts.allow is temporary set to allow ssh access from ALL.

When running PuTTy or ssh from various machines on the big bad internet, the Netgear firewall logs says it has detected an SSH attempt and passed it onto 192.168.0.5, however /var/logs/auth.log on 192.168.0.5 doesn't mention anything about it. The lack of logs on 195.168.0.5 leads me to belive its a Netgear setup problem.

PS. Unfortunately I can't use the LAN as the Netgear is in my neighbours house and he's away.

I don't follow your question...

I'm doing the same thing - allowing ssh access on port 22 through the DG834G to a particular machine on the LAN. I'm confused that you need to give a WAN address, coz you don't neccessarily know where your traffic will be coming from.

The lack of logs would suggest that it's your linux box at fault rather than the router, since the router log is telling you that it has detected an SSH query.

I'm on OS X 10.3.3 so I can't help you with your ssh setup.

PS just break into your neighbour's house, I'm sure he won't mind...

hostyle

Originally posted by hughchal
I don't follow your question...

I'm doing the same thing - allowing ssh access on port 22 through the DG834G to a particular machine on the LAN. I'm confused that you need to give a WAN address, coz you don't neccessarily know where your traffic will be coming from.

Hrm, I always wondered what that whole WAN thing was. I presumed they were seperating the wired machines from the wireless ones. It seems I was quite wrong. Serves me right for not reading the help column.

The lack of logs would suggest that it's your linux box at fault rather than the router, since the router log is telling you that it has detected an SSH query.

Ehm, no. No packets are reaching the linux box. If they were they would be in a log somewhere.

Anyway I've turned off specifying an IP on the WAN for the firewall rule.

.. and it worked Thanks. And you weren't even trying