[CLUE-Tech] SSH through Cisco
David Anselmi
anselmi at americanisp.net
Sun Jan 26 14:30:08 MST 2003
Sean LeBlanc wrote:
[...]
> bash-2.05$ ssh -v foo at 10.0.0.1
This doesn't work. Your nat entry is only between the outside IP
(wan0-0) and the inside. You have to use the outside IP as the
destination for ssh.
You may be able to set up a nat entry with a specific outside IP of
10.0.0.1 (set nat entry add 10.0.0.2 22 10.0.0.1 22 tcp). But that may
be routed differently so it may not work.
Likely the reason you can't ssh to the outside IP is that Americanisp
blocks well known ports unless you have an "advanced" account. If you
don't need to use port 22 on the outside you can set it up on another
>1024. Or at least do that to test it.
Americanisp has a mail list for "network notifications". The only
notice I saw of their change in account policies (to block well known
ports) was on that list the day the change went into effect. Very poor
customer service, IMHO.
HTH,
Dave
More information about the clue-tech
mailing list