2

I am trying to enable SSH access to my home server via SSH from a public IP address. But the SSH server is not responding to requests from a public IP address. Connections from a local IP work fine.

I have set up port forwarding in the router, and I have allowed the connection both in the router firewall and the server iptables firewall.

In iptables, I have the following rule:

 pkts bytes target     prot opt in     out     source               destination
  117  7052 ACCEPT     tcp  --  any    any     anywhere             anywhere             tcp dpt:ssh

And I can see the 'pkts' field increment each time I try to establish a connection.

I can also see from Wireshark that the server receives a TCP SYN packet on port 22, but there is no matching outgoing ACK packet.

I have also inspected /etc/ssh/sshd to make sure nothing is in there that would discriminate based on the IP address.

I have looked at the logs with journalctl, but they do not show anything when I try to make the connection. And I have tried running sshd manually with /usr/sbin/sshd -d, but there is no output when I try to make a connection.

Now I am stumped as to what the issue could possibly be. What else could block the connection based on the IP address?

DBear
  • 241

1 Answer

0

Well, I found the issue, and it wasn't related to ssh at all. My server was configured with the incorrect gateway address, so it could not send packets to the WWW -- only to other machines on the LAN. Kind of a silly mistake, but it caused some behavior I did not expect. If I had been more observant in Wireshark, I would have seen the server sending ARP packets searching for the wrong gateway.

DBear
  • 241
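
A return-path check for the symptom in this thread (the SYN arrives and the iptables counter increments, but nothing goes back), added here as an example and not part of the original posts: it parses `ip route get` and `ip neigh show` output to report whether the next hop toward the client actually resolves. The addresses and sample outputs are constructed, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: is there a working return path to a remote client?
# All addresses and sample outputs below are constructed for illustration.

# Read `ip route get <addr>` output on stdin and print the next hop:
# the gateway IP, "onlink" (no gateway needed) or "none" (no route).
next_hop() {
    awk '
        { for (i = 1; i < NF; i++) if ($i == "via") { print $(i + 1); found = 1; exit } }
        / dev / { print "onlink"; found = 1; exit }
        END { if (!found) print "none" }
    '
}

# Read `ip neigh show <gateway>` output on stdin and print the ARP state
# (last field), or MISSING when there is no neighbour entry at all.
neigh_state() {
    awk 'NF { state = $NF } END { print (state == "" ? "MISSING" : state) }'
}

# $1 = `ip route get` output, $2 = `ip neigh show <gateway>` output
diagnose() {
    gw=$(printf '%s\n' "$1" | next_hop)
    case "$gw" in
        none)   echo "no-route"; return ;;
        onlink) echo "on-link"; return ;;
    esac
    case "$(printf '%s\n' "$2" | neigh_state)" in
        REACHABLE|STALE|DELAY|PROBE|PERMANENT) echo "gateway-ok $gw" ;;
        *) echo "gateway-unresolved $gw" ;;   # FAILED, INCOMPLETE, MISSING
    esac
}

# Run against the live system: check_live <client-public-ip>
check_live() {
    route=$(ip route get "$1" 2>/dev/null)
    gw=$(printf '%s\n' "$route" | next_hop)
    diagnose "$route" "$(ip neigh show "$gw" 2>/dev/null)"
}

# Constructed samples: a mistyped gateway (.254) versus the real router (.1).
BAD_ROUTE='203.0.113.7 via 192.168.1.254 dev eth0 src 192.168.1.10 uid 0'
BAD_NEIGH='192.168.1.254 dev eth0 FAILED'
GOOD_ROUTE='203.0.113.7 via 192.168.1.1 dev eth0 src 192.168.1.10 uid 0'
GOOD_NEIGH='192.168.1.1 dev eth0 lladdr 52:54:00:12:34:56 REACHABLE'

echo "misconfigured: $(diagnose "$BAD_ROUTE" "$BAD_NEIGH")"
echo "healthy:       $(diagnose "$GOOD_ROUTE" "$GOOD_NEIGH")"
```

A `gateway-ok` result only shows that the next hop answers ARP; a wrong gateway address that belongs to some other live host on the LAN will still resolve, so compare it against the router's actual address.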