My head hurts.. Here's why
I have a 3 nic asl. Internet, DMZ and Internal networks. I have ping and ssh services enabled outbound and enabled inbound from select machines to select boxes on the internal network.
I can ssh from the internal network to another server across the internet. This box is one listed as being allowed to ssh into the internal network to a box.
When I try and ssh in from that outside server I connect but I get weird routing errors from ssh. I can ping this box just fine. Here is the output from ssh.
[jeff@AA-BB-50-66 jeff]$ ssh -v xx.yy.21.11
OpenSSH_2.9p2, SSH protocols 1.5/2.0, OpenSSL 0x0090602f
debug1: Reading configuration data /home/jeff/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Seeding random number generator
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: restore_uid
debug1: ssh_connect: getuid 500 geteuid 0 anon 1
debug1: Connecting to xx.yy.21.11 [xx.yy.21.11] port 22.
debug1: temporarily_use_uid: 500/500 (e=0)
debug1: restore_uid
debug1: temporarily_use_uid: 500/500 (e=0)
debug1: connect: No route to host
debug1: restore_uid
debug1: Trying again...
debug1: Connecting to xx.yy.21.11 [xx.yy.21.11] port 22.
debug1: temporarily_use_uid: 500/500 (e=0)
debug1: restore_uid
debug1: temporarily_use_uid: 500/500 (e=0)
debug1: connect: No route to host
AA.BB.50.66 is the outside box that I can ssh to. xx.yy.21.11 is the internal network box that I cannot ssh to from AA.BB.50.66.
My ISP gave me a transfer network and the routing tables look fine. I do not have proxy arp enabled as I read it is unecessary except when the ISP wont give a xfer net.
Ideas?
Thanks
This thread was automatically locked due to age.
Guest User!
You are not Sophos Staff.
