On Tue, 12 Jul 2005, Michael Hoeller wrote:
Hello Armin
thanks for the relpay:
I think it would help if you outline your network configuration for us so we can better understand what kind of SSH connection you are trying to establish.
My local machine is SuSE 9.2, updated. The remote machine is also SuSE 9.2
with the latest updates. To connect to the remote machine I dialin via isdn and provide static IP adresses.
This is the log from the remote machine, so "local" is actually the remote machine I connect to: Jul 9 21:34:18 omicron ipppd[7273]: local IP address 192.168.55.100 Jul 9 21:34:18 omicron ipppd[7273]: remote IP address 192.168.55.200
this seems to work. But as soon I try to connect via ssh user@192.168.55.200 I get rejected. And the following can be found in /var/log/messages
Jul 9 21:34:22 omicron kernel: SFW2-IN-ILL-TARGET IN=ippp0 OUT= MAC= SRC=192.168.55.200 DST=192.168.55.100 LEN=6 0 TOS=0x00 PREC=0x00 TTL=64 ID=48935 DF PROTO=TCP SPT=1032 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0 OPT (020405B404 02080A01E052360000000001030302)
On the remote machine I have setup the firewall2 via yast, IP Forwarding is activated and I allow for ssh.
On the remote host, you have to set FW_SERVICES_EXT_TCP="ssh" in the /etc/sysconfig/SuSEfirewall2 file, then restart the firewall on the remote host with "rcSuSEfirewall2 restart".
I am not sure if this is the same as allowing in yast for ssh ??? Need to check.
If the remote host has an internal and an external IP, you have to use the external IP for the SSH-connection when coming from external net and the internal when coming from an internal net. I am using the following IP adresses (local is the remote machine!!) local IP address 192.168.55.100 remote IP address 192.168.55.200 So I think this is ok.
i prefer ascii art :: private remote network isdn dial up gets 192.168.55.200 assigned from server | | isdn dial in 192.168.55.100 server is this right ? -- BINGO: Strukturiertes Vorgehen --- Engelbert Gruber -------+ SSG Fintl,Gruber,Lassnig / A6170 Zirl Innweg 5b / Tel. ++43-5238-93535 ---+