Port forwarding

Hello - I can't get port forwarding to work. I want port 22 to forward to my office PC at 192.168.1.120. Can someone take a look and let me know where I've gone wrong?

Ugh my ddns was stale. nvmd.

Is the Office PC running its own firewall that might be blocking the connection from an Internet IP?

The Office PC is a running linux mint, no firewall software that I'm aware of. While trying to get this to work I have tcpdump running to monitoring incoming connection ('sudo tcpdump -i enp0s25 -n port 22'). tcpdump shows the ssh access from the lan but nothing from the wan attempts.

Are there any hits on the rule counter?

nft list ruleset | grep SSH

Also, how are you testing the WAN connection? From a mobile phone on cellular, or from a coffee shop WiFi?

Does it make a difference if your WG server is down?

1 Like
root@OpenWrt:~# nft list ruleset | grep SSH
		ip saddr { 192.168.1.0/24, 192.168.9.0/24 } ip daddr <redacted.my.wan.ip.address> tcp dport 22 dnat ip to 192.168.1.120:22 comment "!fw4: SSH (reflection)"
		ip saddr { 192.168.1.0/24, 192.168.9.0/24 } ip daddr 192.168.1.120 tcp dport 22 snat ip to 192.168.1.1 comment "!fw4: SSH (reflection)"
		meta nfproto ipv4 tcp dport 22 counter packets 1 bytes 60 dnat ip to 192.168.1.120:22 comment "!fw4: SSH"

I'm not familiar with this tool's output.

I'm trying to ssh from my cellphone connected to cell service. I believe I have disabled wireguard to no avail. I have also tried using portchecker.co

If you'd open port 22, and skip the forward, you should be able to reach the router via ssh, does it work?

Also, I'd probably set source port to any.

1 Like

thanks for the port source tip!

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.