1

Okay, this is a weird one. I normally don't ask questions here, but I'm about 5 hours in and my brain is melting.

I have set up an SFTP server on my network with the following attributes in my sshd_config file:

    Match group sftp
        ChrootDirectory /home
        X11Forwarding no
        AllowTcpForwarding no
        ForceCommand internal-sftp -d /dataUser/drive1/data/

This works perfectly fine when I use it locally and I can also connect to the root user when I connect locally from another PC. The device has the local IP 192.168.0.42. Let's call this device A.
Now I want to use this over the internet, so naturally, I forwarded port 4000 to port 22 on this device:
port forwarding - left number LAN, right number WAN Port.

Ok. So let's try to connect.
Error message: Connection timed out

So is it the port forwarding? I have another server on WAN port 42069 that forwards to the LAN IP 31 with port 22 (and also other ports. They all (just) work). Let's call that device B. It works fine. From inside the network and outside.

I also tried to connect to A with ssh to the root user instead of sftp to the dataUser. It works on the network, it doesn't work from the outside.

Ok, so I scanned my ports with nmap:
Port 42069 goes to device B - STATE: open
Port 4000 goes to device A - STATE: filtered

I also tried one of those websites - CanYouSeeMe.org - and apparently my ISP is not blocking this port.

So I tried the same with samba file sharing. Same result. It works inside the network, it doesn't from the outside. That website shows my ISP is not made by the devil to waste my time and nmap shows the state 'filtered'.

I changed the ports multiple times, I deactivated my firewall in the router settings, which I already restarted two times (the same with my Client and Server for that matter).

I really don't know if this is fixable. I have currently given up on this, maybe you can help me.

9
  • Does the device show that it is receiving packets on port 4000 when you try to connect? Commented Apr 4, 2022 at 9:45
  • How do I test that?
    – MySurmise
    Commented Apr 4, 2022 at 9:46
  • By using a packet capture tool, such as tcpdump, Wireshark, or Windows' pktmon. Commented Apr 4, 2022 at 9:49
  • It is not quite clear to me if all the trouble is on the same device. If so, check for firewalls on that device.
    – Gantendo
    Commented Apr 4, 2022 at 9:55
  • Okay @user1686 if I understand correctly, I should Capture Packets from the router IP? If so, these are the lines received:
    10:04:50.347430 ARP, Request who-has omv tell kabelbox.local, length 46
    10:04:50.352059 IP kabelbox.local.domain > omv.54562: 31782* 1/0/1 PTR omv. (71)
    10:04:50.354611 IP kabelbox.local.domain > omv.36621: 18350* 1/0/1 PTR kabelbox.local. (81)
    10:04:55.470413 ARP, Reply kabelbox.local is-at 48:4e:fc:9e:9b:39 (oui Unknown), length 46
    10:04:57.577792 IP kabelbox.local > all-systems.mcast.net: igmp query v3
    – MySurmise
    Commented Apr 4, 2022 at 10:07
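
The packet-capture check suggested in the comments above, as an added example that is not part of the original thread: it reads `tcpdump -n` text output taken on the server and reports whether any TCP SYN reached the forwarded port and whether the server answered it. The capture text, the client address 203.0.113.7 and the function name `diagnose` are constructed for illustration; 192.168.0.42 and port 22 come from the question.

```python
import re

# tcpdump -n TCP line: "<time> IP <src>.<sport> > <dst>.<dport>: Flags [<flags>], ..."
LINE = re.compile(
    r"IP (?P<src>[\d.]+)\.(?P<sport>\d+) > (?P<dst>[\d.]+)\.(?P<dport>\d+): "
    r"Flags \[(?P<flags>[^\]]+)\]"
)

# Constructed sample captures (not taken from the thread).
NO_SYN = """\
10:04:50.347430 ARP, Request who-has 192.168.0.42 tell 192.168.0.1, length 46
10:04:57.577792 IP 192.168.0.1 > 224.0.0.1: igmp query v3
"""
SYN_DROPPED = """\
10:05:01.000001 IP 203.0.113.7.51234 > 192.168.0.42.22: Flags [S], seq 1000, win 64240, length 0
10:05:02.000001 IP 203.0.113.7.51234 > 192.168.0.42.22: Flags [S], seq 1000, win 64240, length 0
"""
SYN_ANSWERED = SYN_DROPPED + """\
10:05:01.000050 IP 192.168.0.42.22 > 203.0.113.7.51234: Flags [S.], seq 2000, ack 1001, win 65160, length 0
"""

def diagnose(capture: str, host: str, port: int) -> str:
    """Classify a capture taken on `host` while a client tries to reach `port`."""
    syn_from = set()   # peers (ip, port) that sent a SYN to host:port
    answered = set()   # peers that host answered with a SYN-ACK
    for line in capture.splitlines():
        m = LINE.search(line)
        if not m:
            continue   # ARP, DNS, IGMP and other non-TCP lines
        src = (m["src"], int(m["sport"]))
        dst = (m["dst"], int(m["dport"]))
        if m["flags"] == "S" and dst == (host, port):
            syn_from.add(src)
        elif m["flags"] == "S." and src == (host, port):
            answered.add(dst)
    if not syn_from:
        return "no-syn-received"      # nothing was forwarded to this host
    if syn_from - answered:
        return "syn-unanswered"       # packets arrive, host stays silent
    return "handshake-answered"       # host replied; look at the return path

if __name__ == "__main__":
    for name, cap in [("NO_SYN", NO_SYN), ("SYN_DROPPED", SYN_DROPPED),
                      ("SYN_ANSWERED", SYN_ANSWERED)]:
        print(name, "->", diagnose(cap, "192.168.0.42", 22))
```

A `no-syn-received` result from a test made inside the LAN against the public IP does not show that the forward is broken; repeat the test from an outside network before changing router or server settings.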

2 Answers

1

Your router evidently does not support NAT Loopback, meaning a loop such as:

PC -> router -> internet -> router -> PC.

NAT Loopback/hairpinning is not supported on many consumer routers.

To connect to your computer via your public IP, you should connect from outside your local network. For example, use your phone.

1
  • Just noticed that myself, but you are right. That was the problem.
    – MySurmise
    Commented Apr 4, 2022 at 11:14
0

What router do you have to port forward? Did you use your public IP on a different network?

You need to use another network (say a hotspot with your phone) to access your port forward or else all traffic will go to the router itself.

This works for me on my OpenWRT router.

1
  • Your answer could be improved with additional supporting information. Please edit to add further details, such as citations or documentation, so that others can confirm that your answer is correct. You can find more information on how to write good answers in the help center.
    – Community Bot
    Commented Apr 4, 2022 at 11:15
