Community discussions

MikroTik App
 
teemx
newbie
Topic Author
Posts: 26
Joined: Mon Jun 20, 2005 9:58 am

SSH to external device fail

Tue May 02, 2006 6:57 am

I am on MT 2.9.23, and I configured MT as basic router.

I have problem on connecting to my remote device via SSH thru PuTTY.

ANy help?

Thanks.
 
User avatar
mezlo
newbie
Posts: 39
Joined: Tue Jan 17, 2006 3:08 am
Location: United States

Wed May 03, 2006 1:00 am

Please post your current firewall masquerade and nat rules. That will help us determine the cause of your problem.

Mezlo
 
teemx
newbie
Topic Author
Posts: 26
Joined: Mon Jun 20, 2005 9:58 am

Wed May 03, 2006 5:48 am

firewall nat

chain=srcnat out-interface=wan action=masquerade

this is the only firewall nat rules in the router.
 
changeip
Forum Guru
Forum Guru
Posts: 3810
Joined: Fri May 28, 2004 5:22 pm

Wed May 03, 2006 5:54 am

What type of remote device is this? Is it SSH1 or SSH2? Does it require any special ssh keys, rsa, dsa, etc... Maybe ssh is incompatible. If you telnet into port 22 you can usually see the type it is using, like MT shows:

SSH-1.99-OpenSSH_2.3.0_Mikrotik_v2.9

What do you get on the remote device when you telnet to port 22?

Are you getting any errors or just a message that it can't connect? Does the remote device have any logging and does it tell you whats wrong?

I know, lots of questions, but you didn't give us any information to help you.

Sam
 
teemx
newbie
Topic Author
Posts: 26
Joined: Mon Jun 20, 2005 9:58 am

Wed May 03, 2006 5:03 pm

The device that I trying to SSH to is a Linux server, and it was working fine before I replaced the firewall with MT.

When I try from another network (which is not routed with MT) and I can connect to that server with PuTTY.

Please advice.

Thanks.
 
User avatar
mezlo
newbie
Posts: 39
Joined: Tue Jan 17, 2006 3:08 am
Location: United States

Thu May 04, 2006 3:02 am

firewall nat

chain=srcnat out-interface=wan action=masquerade
I use the following masquerade rule and don't have any problems:
add chain=srcnat src-address=192.168.69.0/24 action=masquerade
192.168.69.0/24 is my local network (obviously). Try it and see if it resolves your issues.

Mez
 
User avatar
chris-oct
Frequent Visitor
Frequent Visitor
Posts: 56
Joined: Tue Mar 21, 2006 6:58 pm

Thu May 04, 2006 5:54 pm

Post firewall filter rules as well
 
changeip
Forum Guru
Forum Guru
Posts: 3810
Joined: Fri May 28, 2004 5:22 pm

Fri May 05, 2006 4:29 am

telnet to port 22 to see if your even getting the MT box ... it might be something else you are connecting to.

Who is online

Users browsing this forum: anav and 114 guests