NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
Nighthawk R7960P Preventing intranet services (SSH, Bounjour, dropping packets)
My setup is the Nighthawk R7960P sitting behind the AT&T provided all-in-one modem with the wi-fi turned off. The nighthawk is connected with its WAN to the LAN of the AT&T router. My reasoning for t...
The effect you are fighting ref. your RasPi and the random access does very well indicate there are multiple devices with the same IP address ou your network (LAN and WLAN).
Leaving the names alone (no clue what Netgear is riding since they have added this attached device detection): Are the systems on the network with fixed IP addresses? If all devices are DHCP, has everything be cold booted, starting with the router? Check the view with each device coming back to the network, review each device config, ...
Whatever could prohibit ssh on a flat network. Other services are reachable on the Pi?
antinode you always bring up a smile on my face with your messages lol. Except of the "why" which was explaind several times above already.
@antinode wrote:
> I am still unable ssh into my raspberry pi from my hardwired desktop
> nor my macbook through wireless. [...]
"unable" is not a useful problem description. It does not say what
you did. It does not say what happened when you did it. As usual,
showing actual actions (commands) with their actual results (error
messages, LED indicators, ...) can be more helpful than vague
descriptions or interpretations.
What, exactly, is connected to what, exactly? What are the IP
addresses?
From the attached devices table:
Gateway(netgear): 10.0.0.1
Windows 10 hardwire: 10.0.0.10
Raspberry Pi: 10.0.0.8
External IP: XXX.XXX.XXX.ABC
Internal example
CMD run from Windows 10:
ssh pi@10.0.0.8
Response
ssh: connect to host 10.0.0.8 port 22: Connection timed out
External example:
ssh pi@XXX.XXX.XXX.ABC
I am able to get in using my external IP.
That tells me what, exactly?
> [...] In addition, I cannot connect to my scanner same as before.
Regarding "cannot", see "not a useful problem description [...]",
above.
I am not doing anything active with the printer. To test connection, I open the Printers & Scanners tab and see if it is showing as connected or not. Additionally, I try and open the scanner on my mac. If I it shows disconnected on my Windows PC, the scanner has always failed to connect using the scanner utility. I am focused on the raspberry pi since I can run commands on it to identify any issues.
> [...] I set up a port forward for 22 [...]
Where? What was the whole port-forwarding rule?
I had attached a screenshot but the reply is getting blocked. Created a custom service forwarding rule for
Made the following rules
External Start Port= External End Port = Internal Start Port = Internal End Port = 22. Internal IP Address: 10.0.0.8
External Start Port= External End Port = Internal Start Port = Internal End Port = 8080. Internal IP Address: 10.0.0.8
> [...] and was able to successfully SSH into the raspberry pi through
> the external IP but not the internal (10.0.0.x)
From where? How, exactly? Regarding "not [able]", see ""not a
useful problem description [...]", above. "10.0.0.x" is the address of
what, exactly?
SSH process was outlined above. For browser (explained below), I hit the URL:
10.0.0.8:8080
Then
XXX.XXX.XXX.ABC:8080
The internal IP address timed out while the external IP address served the webpage.
> Wouldn't that ruin the point of using the nighthawk?
What _is_ "the point"? Why, exactly, are you adding the R7960P?
I wanted the QoS and administration control mostly. We just moved so when I bought it, it was also for additional wi-fi range. It is now more central where that is not as important. It seems like it would just be for whichever has better WiFi I would want to use.
> [...] If external connections work but internal don't, [...]
Where, exactly, is "internal" when you have two routers?
Inside the netgears subnet while the AT&T is set to passthrough.
I apologize if I missed questions, the formatting is getting hard to follow as the replies continue to grow.
-------------------------------------------------------
To answer the other question.
I set up a simple python server on the raspberry pi to confirm that it was or wasn't just SSH.
python -m http.server 8080
I am able to access that while using the IP: XXX.XXX.XXX.ABC:8080 through chrome. I am unable to access while using 10.0.0.8:8080. Same as SSH.
SSH does not require internet, I should be able to ssh inside the netgears network even without internet access. I can test that if that would provide any info.
Attempting to include screenshots.
- Let me guess (screenshots will become visible once a moderator approved): ping the pi on its IP does not work on the LAN either?
Router LAN IP however works from the same computer? ping 10.0.0.8
Reply from 10.0.0.10: Destination host unreachable. Reply from 10.0.0.10: Destination host unreachable. Reply from 10.0.0.10: Destination host unreachable. Reply from 10.0.0.10: Destination host unreachable.
Your assumption is correct. Is it usual that the self IP will be listed above here? That is the IP of the machine I am pinging from.
If I port forward port 7:ping XXX.XXX.XXX.ABC
It returns quickly.
I can also ping the gateway.> Whatever could prohibit ssh on a flat network[?] [...]
That's my question. You don't need the router for that, only a
working network switch/hub. I suspect that we're missing some critical
details. (Or you've found Netgear's worst firmware ever.)> SSH does not require internet, [...]
Neither does HTTP.
> [...] I should be able to ssh inside the netgears network even without
> internet access. I can test that if that would provide any info.Unless you have some seriously strange routing, the presence of a
router should not affect local traffic.> From the attached devices table: [...]
>
> Gateway(netgear): 10.0.0.1
What is the address of its WAN/Internet interface? (ADVANCED >
ADVANCED Home : Internet Port)> Windows 10 hardwire: 10.0.0.10
That's the only active interface on the Windows system? (Other IP
details?)> Raspberry Pi: 10.0.0.8
That's the only active interface on the R-Pi? Which interface?
(Which R-Pi model?)
> External IP: XXX.XXX.XXX.ABC
That was worthless. If you're worried about revealing secrets, then
the top half of the address, "a.b" out of "a.b.c.d", would satisfy most
of my curiosity. Or, plug that address into the form at:
https://whois.arin.net/ , and see if it is a public or private address.
> ssh pi@10.0.0.8
> ssh: connect to host 10.0.0.8 port 22: Connection timed outSame command from the R-Pi itself?
> Attempting to include screenshots.I can't (yet) see your pictures. In-line images must be approved
by a moderator before others can see them. The time required varies.
Attachments have no such limitation. Of course, attachments have their
own one-per-message limitation.
antinode wrote:> Whatever could prohibit ssh on a flat network[?] [...]
That's my question. You don't need the router for that, only a
working network switch/hub. I suspect that we're missing some critical
details. (Or you've found Netgear's worst firmware ever.)I agree, I am probably missing something here. I took A+ many years ago, but most of it is just a faint memory at this point.
I did downgrade the firmware thinking the latest upgrade may have been the issue. That did not resolve anything.> SSH does not require internet, [...]
Neither does HTTP.
> [...] I should be able to ssh inside the netgears network even without
> internet access. I can test that if that would provide any info.Unless you have some seriously strange routing, the presence of a
router should not affect local traffic.> From the attached devices table: [...]
>
> Gateway(netgear): 10.0.0.1
What is the address of its WAN/Internet interface? (ADVANCED >
ADVANCED Home : Internet Port)76.202.X.X
> Windows 10 hardwire: 10.0.0.10
That's the only active interface on the Windows system? (Other IP
details?)Correct, Wifi is disabled.
> Raspberry Pi: 10.0.0.8
That's the only active interface on the R-Pi? Which interface?
(Which R-Pi model?)
WLAN0, R-Pi 3b v1.2
> External IP: XXX.XXX.XXX.ABC
That was worthless. If you're worried about revealing secrets, then
the top half of the address, "a.b" out of "a.b.c.d", would satisfy most
of my curiosity. Or, plug that address into the form at:
https://whois.arin.net/ , and see if it is a public or private address.Included above.
> ssh pi@10.0.0.8
> ssh: connect to host 10.0.0.8 port 22: Connection timed outSame command from the R-Pi itself?
The pi can connect to itself at 127.0.0.1 and 10.0.0.8.
> Attempting to include screenshots.I can't (yet) see your pictures. In-line images must be approved
by a moderator before others can see them. The time required varies.
Attachments have no such limitation. Of course, attachments have their
own one-per-message limitation.
Let me know if there is anything specific that would be worth screenshotting. The screenshots I included were all just supplemental.> The pi can connect to itself at 127.0.0.1 and 10.0.0.8.
That much, at least, makes sense.
> Ip Table.PNG
Those are address reservations. Are the devices (interfaces)
actually at those addresses? ("ifconfig", "ipconfig", as appropriate?)
> [...] I am probably missing something here. [...]Perhaps everyone is. I'd be tempted to shut everything down,
configure a minimal set of LAN devices (freshly reset router, R-Pi,
Windows system), and see if I could get the basic local stuff to work as
expected. No exotic routes on anything, no address reservations, no
Internet connection, just the basics. Then, if that works, start
complicating things slowly, stepwise. Quit when it stops making sense.Yes, those are the device IP's as well.
I will try and get through that process tomorrow and see if it sheds any light on the scenario.After resetting the configuration, I am able to SSH and connecting to the printer. The only weird thing is that IP Allocation does not seem to be working anymore. I suppose that's not the end of the world though.
Also noticing the naming of the devices is being weird as well.Picture of IP Allocation Table
I just noticed that after adding the static IP Allocation for those two devices, it seems that there are multiple assigned the same IP? In addition, I can no longer SSH. Does that make sense? (I restarted the router after adding in those two rules).
camjones1708 wrote:Also noticing the naming of the devices is being weird as well.
Can't spot anything weird. These are the names the devices provide with the DHCP request....
camjones1708 wrote:Picture of IP Allocation Table
This shows two address reservations for IP<->MAC pairs along with a comment. What should not work now???
camjones1708 wrote:I just noticed that after adding the static IP Allocation for those two devices, it seems that there are multiple assigned the same IP?
"...seems..." ...---... where, how, why?
camjones1708 wrote:In addition, I can no longer SSH. Does that make sense?
No. Except there would be more devices on your network with that very same IP address why ever...
camjones1708 wrote:(I restarted the router after adding in those two rules).
Why ever...
schumaku wrote:
camjones1708 wrote:I just noticed that after adding the static IP Allocation for those two devices, it seems that there are multiple assigned the same IP?
"...seems..." ...---... where, how, why?
I included a screenshot in a previous post of the attached devices. There are two devices with the same IP: 10.0.0.8.
camjones1708 wrote:In addition, I can no longer SSH. Does that make sense?
No. Except there would be more devices on your network with that very same IP address why ever...
I agree, that would be a router issue right?
camjones1708 wrote:(I restarted the router after adding in those two rules).
Why ever...
The IP addresses were not changing after adding the rules.
schumaku wrote:Can't spot anything weird. These are the names the devices provide with the DHCP request....
There are quite a few devices that all received my windows desktop name in the allocation table screenshotted.The effect you are fighting ref. your RasPi and the random access does very well indicate there are multiple devices with the same IP address ou your network (LAN and WLAN).
Leaving the names alone (no clue what Netgear is riding since they have added this attached device detection): Are the systems on the network with fixed IP addresses? If all devices are DHCP, has everything be cold booted, starting with the router? Check the view with each device coming back to the network, review each device config, ...
All are DHCP, so restarting seemed to resolve the issue.
Current setup is AT&T modem in passthrough mode, Nighthawk in router mode with default settings excluding two static IP addresses allocated, and custom Wifi SSID/password.
Thanks for the help! I'm not really sure what was wrong on the previous configuration, but this seems to have resolved it. I can see my printer as well.
