Luis, I'm sure it must a problem of Nat but if you look at the output of "iptables -t nat -L -n -v" you can read this line (a bit mixed up!): Chain PREROUTING (policy ACCEPT 1081 packets, 70666 bytes) > > pkts bytes target prot opt in out source > > destination 0 0 DNAT tcp -- eno1 * > > 0.0.0.0/0 192.168.1.120 tcp dpt:2222 > > to:192.168.3.1:2222
in my very very low knowledge, it should do Nat! But it doesn't :-( Thanks, Aldo :-) Il giorno Wed, 7 Feb 2018 17:47:30 -0300 Luis <luislope...@gmail.com> ha scritto: > Aldo, > > "Router" and "My PC" are not in the same network. Does your "File > Server" do NAT ?? > > Luis.- > > > On 07/02/18 16:41, Aldo Maggi wrote: > > I'm having problems with ssh from the Wan while contacting my Pc in > > the Lan. > > > > It worked when I just had to go through the Router provided by the > > ISP but problems arose when I've decided to use a small server > > which I want to use as file server for our family Pc's, Laptops and > > smartphone + for transferring there the webserver where I have my > > blog. My home lan (limiting it to my Pc) is as follows: > > > > > > WAN > > | > > ---------- > > | Router | > > ---------- > > | 192.168.1.1 > > | > > eno1 | 192.168.1.120 > > ---------------- > > | | > > | File Server | > > | | > > ---------------- > > eno2 | 192.168.3.1 > > | > > enp2s0 | 192.168.3.100 > > ---------------- > > | | > > | My Pc | > > | | > > ---------------- > > > > From the File Server I can ssh my pc on port 2222 > > From the lan (which is in 192.168.1.0) it is not possible to ssh > > my pc which is in the 192.168.3.0 net > > > > > > File Server: > > (in "ufw status" output I have left only what I have thought to be > > of interest) > > root@Casa-mia-1:~# ufw status > > Status: active > > > > To Action From > > -- ------ ---- > > 22/tcp ALLOW Anywhere > > OpenSSH ALLOW Anywhere > > SSH ALLOW Anywhere > > Anywhere ALLOW 192.168.3.100 > > Anywhere ALLOW 192.168.3.0/24 > > 2222/tcp ALLOW Anywhere > > 22/tcp (v6) ALLOW Anywhere (v6) > > OpenSSH (v6) ALLOW Anywhere (v6) > > SSH (v6) ALLOW Anywhere (v6) > > 2222/tcp (v6) ALLOW Anywhere (v6) > > > > > > root@Casa-mia-1:~# iptables -t nat -L -n -v > > Chain PREROUTING (policy ACCEPT 1081 packets, 70666 bytes) > > pkts bytes target prot opt in out source > > destination 0 0 DNAT tcp -- eno1 * > > 0.0.0.0/0 192.168.1.120 tcp dpt:2222 > > to:192.168.3.1:2222 > > > > Chain INPUT (policy ACCEPT 21 packets, 2919 bytes) > > pkts bytes target prot opt in out source > > destination > > > > Chain OUTPUT (policy ACCEPT 125 packets, 8738 bytes) > > pkts bytes target prot opt in out source > > destination > > > > Chain POSTROUTING (policy ACCEPT 125 packets, 8738 bytes) > > pkts bytes target prot opt in out source > > destination 885 56073 MASQUERADE all -- * eno1 > > 192.168.3.0/24 0.0.0.0/0 > > > > root@Casa-mia-1:~# cat /etc/ufw/sysctl.conf |grep -i ip_forward > > net/ipv4/ip_forward=1 > > > > My Pc: > > > > root@aldomaggi:~# iptables -t nat -L -n > > -v Chain PREROUTING (policy ACCEPT 0 packets, 0 > > bytes) pkts bytes target prot opt in out > > source > > destination > > Chain INPUT (policy ACCEPT 0 packets, 0 > > bytes) pkts bytes target prot opt in out > > source > > destination > > Chain OUTPUT (policy ACCEPT 0 packets, 0 > > bytes) pkts bytes target prot opt in out > > source > > destination > > Chain POSTROUTING (policy ACCEPT 0 packets, 0 > > bytes) pkts bytes target prot opt in out > > source destination > > > > root@aldomaggi:~# cat /etc/ssh/sshd_config |grep -i port > > #Porta non standard 2222 > > Port 2222 > > > > I thank you in advance for any help you can give me! > > > > Aldo :-) > > > > > > > > >
