Hello,

I need to have access via SSH on an OpenWrt (18.06.4) device, that is behind another router (FritzBox running FritzOS) from outside the local network.

The other router (which connects to the internet) is connected to the WAN port of the OpenWrt router and port-forwaring is set for the port to be forwarded from the other router to the OpenWrt router.

In the OpenWrt router I've added this rule to the firewall setup:

config rule                                     
        option target 'ACCEPT'                  
        option proto 'tcp'                      
        option dest_port '2222'                
        option name 'Open SSH'             
        option src 'wan'   

where 2222 is the port SSH is configured to.

From within the local network I can connect without any problems, however from outside (I've tried via a hotspot on a mobile device) I cannot connect.

What am I missing?

Have you forwarded the port in Fritz?

Yes,
in the fritzbox I've following forwarding:

|| Status | Bezeichnung | Protokoll | IP-Adresse im Internet | Port extern vergeben |||
|| ssh | TCP | ipv4adress | 2222 |
|| ssh | TCP | ipv6adress | 2222 |

where ipv4adress is the WAN-address of the OpenWrt device

Then start a tcpdump in OpenWrt to verify that there is incoming traffic.
tcpdump -i INTERFACE -vvn tcp port 2222
where INTERFACE you'll use the physical wan interface, e.g eth1.2

Your configuration in Openwrt is right. If you do not see the connection in tcpdump make sure your hotspot/ISP is not blocking port 2222.

Thanks for the help. I found the solution. The problem was that the device I had for testing only had ipv4 while the router is connected using DS-Lite. When I test it the from an ipv6 device everything works perfect.

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.