FreeNAS / Remote SSH

[arctickaypro]

Greetings Neowin,

Hopefully this is an easy one for someone; I have not had this issue (using OpenSSH) in the past so I'm just drawing a blank.

I have set up my first FreeNAS server and have everything running smoothly; all is well on my LAN. However, I would like to access my FreeNAS box remotely through SSH. I am having issues connecting to the built-in SSH server from the WAN side, though.

I only have one interface active on the FreeNAS box and it has no issue reaching the WAN from my gateway (I could receive ping echos, anyway). I have the SSH daemon listening on some arbitrary port (TCP 3612, for example) and verified using netstat that it was, in fact, listening. I have created a port forward rule for inbound TCP:3612 traffic to hit my FreeNAS box. I checked a few different sites to see if port 3612 was visible (it is). I played with a few different ports (including 22) and all the ports were apparently visible from the outside, but no go.

I can reach the box via SSH internally using PuTTY and do what I need to do, but externally, I receive "Connection Refused" from my PuTTY client. I can't make the connection from the inside by going out to my public IP and trying to open a session nor can I make the connection from an alternate Internet connection altogether.

Nothing is logged by my firewall and nothing is in FreeNAS' SSH log.

Any suggestions?

[pyther]

What does your /etc/hosts.allow look like?

It seems as if your freenas box is rejecting outside traffic.

[arctickaypro]

Hmm...it looks like everything is allowed.

[+BudMan MVC]

Well if your freenas logs sshd and or its firewall logs are not showing anything -- then you are not getting there.

What devices do you have between your freenas and the internet? You could be double natting.

edit: Ok I just grabbed a copy of freenas -- and in like 30 seconds had ssh access from the outside my network. Here is from the freenas ssh log

First connection is from my local box, next connection is from outside.

If your not seeing anything in your freenas ssh log -- then your not getting there. You have double nat, your port forward is wrong, your using the wrong public IP to try and get there, etc.

Edited November 29, 2008 by BudMan

[blaszta]

Check your /etc/hosts.deny and make sure it doesn't black listed your IP. Also try to empty this file, reboot the box, and try to connect again.

[+BudMan MVC]

You would think it would be aware if he had created a hosts.deny file, which btw has been deprecated for quite some time.. Both allow and deny rules have been in the hosts.allow file for quite some time.

Freenas does not have that file out of the box - nor do I think it would use it if was created.

And even if it did - it would log that it did so in its ssh log.. He has stated there is nothing in the logs -- which clearly points to he is not even getting to the freenas box.

[arctickaypro]

BudMan is right, there is no hosts.deny file.

All is working now; it had nothing to do with FreeNAS' config itself, incorrect port forwards or using the wrong WAN IP, it was just a dumbass move on my part with a client-side firewall config. ;)

All is well now, thanks for the suggestions though. :)