ssh, I'm not listening ...
May 23, 2009 3:32 PM   Subscribe

How do I really - no, really - put my home server in my Linksys WRT350N router's DMZ? The router says it is, but it clearly isn't.

I'm having great difficulty getting a server to pass through an SSH connection to the internet. This used to work fine with an older Netgear router, but the Linksys WRT350N is not so happy. Everything in the router and modem's configuration would appear to show that pass-through to the DMZ should happen, but it's clearly not. I can't ssh or ping the server from a remote location.

I've tried putting the Speedtouch 546 modem into bridge mode, but all that happens is I lose the ability to resolve IP addresses.

I have the MAC address of the Sheevaplug server set as being the DMZ in the WRT350N. The 546 is set to put the router as a public IP. I have a static IP.

I know I could connect the server to one of the ports on the Speedtouch, but I really need to be able to see it inside my network.
posted by scruss to Computers & Internet (9 answers total)
 
This doesn't exactly answer your question, but it appears that V1 of the WRT350N supportssupports DD-WRT and Sveasoft, two more robust and full-featured alternatives to the default firmware, which (as you're finding out) is pretty dinky.

Wiki / Instructions for DD-WRT on the WRT350N here.
posted by limon at 4:27 PM on May 23, 2009


Best answer: You really should try to get bridged mode working, and then just do everything from the router. Once it's working it makes everything else much simpler

When you say you just lose the ability to resolve IPs, have you plugged in all the connection stuff on the router and just tried to get a PPP connection on it first?
posted by pompomtom at 5:51 PM on May 23, 2009


Best answer: I'm having a hard time parsing your setup, I had to read your question a few times to come up with this:
- DSL modem has public IP
- DSL modem assigns a different public IP address to the external router port via DHCP
- Router is configured with a DHCP reservation (private IP) for the server
- Server is plugged into DMZ router port and is configured to grab an address via DHCP

Is that correct? (not trying to be snarky, just make it easier for any other responders)

Some basic troubleshooting questions:
- Can the server access the internet? Does it grab the reservation you set up for it?
- Can you ping the server from inside your network?
- Can ping the router from a remote location?
- What do the router access and port forwarding lists look like?

I've tried putting the Speedtouch 546 modem into bridge mode, but all that happens is I lose the ability to resolve IP addresses.
The router is getting its DNS settings from the modem. You should be able to enter them manually on the router, but really I would leave the modem as it was since it worked with the other router. It's easier to troubleshoot when you only change one thing at a time.
posted by txvtchick at 7:15 PM on May 23, 2009


ummm... i think you need to figure out putting your modem into bridge mode first. if you aren't doing the PPPoE from the wrt350n then i can only assume it is just plugged into a port on the modem/router (and i won't even speculate on what network it's actually on):

right now, I think the DMZ of the wrt350 is between it and the Speedtouch, it doesn't see the big bad internet at all.

if you don't want to figure out 'bridge mode' you need to put your server on the DMZ of the _Speedtouch_ (if it has that capability)
posted by geos at 8:03 PM on May 23, 2009


and then connect the server directly to the speedtouch...
posted by geos at 8:04 PM on May 23, 2009


Isn't a DMZ supposed to be inaccessible from the local network?
posted by gjc at 8:05 PM on May 23, 2009


If I read your setup correctly (interpreting same as txvtchick) you cannot make this work until you put your modem in bridge mode. Right now it's doing the NAT for your network, and no matter what you do to your wireless router, it won't do a thing. You need to put the modem in bridge mode, configure your router with your DSL login stuff / cable login stuff. DHCP will then run off the router, assiging private IPs to your network. You can set a private static IP for your server, and set the "DMZ" to point to there.

re: gjc, an actual DMZ will have to pass through some sort of network bridge to get to the internal network. (Not necessarily inaccessible, but there is a firewall in between) This is home networking though, where DMZ just means that all incoming ports are forwarded to the IP set in the DMZ - at least as far as I understand it.
posted by defcom1 at 8:25 PM on May 23, 2009


If the only goal is to make ssh available, doing the whole DMZ setup seems overkill. Simply forwarding port 22 to the internal server is easier, and safer.
posted by nomisxid at 12:43 AM on May 24, 2009


Response by poster: Thanks. Finally figured out bridged mode, where you basically need to put the PPPOE parameters in the router.

Setup was basically as intuited by txvtchick. It would seem that a combination of putting the server in the DMZ and forwarding a port range of 22-22 (yes, the WRT350N has broken single port forwarding) made it work.

(the sheevaplug was the server I eventually ended up with after asking this question, btw.)
posted by scruss at 7:39 AM on May 26, 2009


« Older BRICKLAYING   |   Help me find out what I'm missing on the Beebs Newer »
This thread is closed to new comments.