NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

Retired_Member's avatar
Retired_Member
Sep 27, 2017

problems setting up remote ssh with netgear C3700-100NAS router

I've got an ubuntu desktop at home and a mac laptop. I'm trying to set this up so that I can ssh into my ubuntu machine from outside my local network.   Here is what I have done so far: (1) I've e...
Troubleshooting
antinode's avatar
antinode
Guru
Sep 27, 2017

> (1) I've enabled ssh on port 22 on my ubuntu machine. The file
> /etc/ssh/sshd_config says it is listening on Port 22.

   Existence of a configuration file is not evidence of much.

> (3) On my Netgear C3700-100NAS router, I reserved the ip address to my
> ubuntu machine so that it won't change.
>
> (4) I set up port forwarding, with service type TCP/UDP, with external
> port 8022 and internal port set to 22, and it points to my internal IP
> address.

   This all sounds good, but copy+paste of the actual data/reports would
be more convincing than your claim that you did everything correctly.

> I can successfully ssh into my ubuntu machine from home, on the local
> network, using the local ip address.

   That's better.  From which system ("from home") into the "my ubuntu
machine"?

> But remote ssh times out.

   How "remote"?  What happens if you do the same thing ("from home", on
your LAN) but specifying the public IP address and "-p 8022"?

> [...] port 8022: Operation timed out

   If the server were entirely inaccessible, then I'd've expected
"Connection refused".  (Try it to some odd-ball port, like, say, 8021,
instead of 8022.)  I'd expect "Operation timed out" if the server didn't
have a valid route back to the client, or there's some firewall which is
causing replies to be discarded.

> Any ideas how to troubleshoot this?

   Nothing likely to be useful.  I assume that Telnet to port 8022 would
suffer from the same sort of error as SSH.  A C3700 is a cable router,
so I assume that there's no other router between "my ubuntu machine" and
the outside world.

   You might see if you can rig port forwarding for some port
combination like ext=8089/int=80, and then see if a Web browser can find
the Web server on "my ubuntu machine" ("http://<public_ip_addr>:8089").
(You must be running one there, right?)  The question would be whether
every port is blocked, or there's something special about 8022->22.

   I do this stuff with my D7000 with no difficulty, but the SSH servers
here are on a Mac and a VMS system, not any GNU/Linux.  Not that it
should matter, unless there's a rogue firewall somewhere in your stuff.