cancel
Showing results for 
Search instead for 
Did you mean: 
1

Ask

2

Reply

3

Solution

Router not forwarding to port 22

dabrown13
2: Seeker
2: Seeker

I used to forward a public port TCP to port 22 to allow me to gain remote ssh access to my servers.

 

I had a problem with my line, and the firmware has been updated, and I am no longer able to map to port 22 - "The selected port cannot be configured as it is reserved for internal usage. Please use a different port."

 

Chat were unable to help me. I don't really want to go through the hassle of editing all of my sshd.conf files to listen on another port.

 

Has anyone else solved this?

5 REPLIES 5

CrimsonLiar
16: Advanced member
16: Advanced member

Surely if you are port forwarding you'd only need to change a single sshd.conf file as everything incoming on what is now port 22 would be forwarded to that one device?

I guess the VF router having a "simple" firewall it's not going to be possible to create FQDN:22 type links.

I would actually have thought editing the sshd.conf would at least have given the benefit of being able to set up multiple servers!

Cant really see any alternative than to map each device/server to it's own port and then have those ports forwarded.

The setup here is a third-party router.  If I need to SSH in then I use a FQDN through a VPN host running on the router, and even then I'm not using port 22 - and I wouldn't even consider that paranoid!

Thanks - I've got loads of servers hence the desire not to change port 22.

 

For the benefit of others:

- I opened ssh on another port to get round the problem. So solved.

- Just add "port xxxx" to /etc/ssh/sshd.conf 

 

From a security perspective I don't allow password logins on ssh - I always require a key.

 

Interestingly, chat support guaranteed me the problem would be 100% solved tomorrow once they re-corrected my static ip.  Sounds implausible to me, but I'll update if it works!

 

So how exactly are you port forwarding the same port to multiple servers?  Every way I can think to bodge this gets very messy very quickly!

I'm not - each server has a different external port.  The router then maps to the servers internal ip and port 22 (now something else).

 

If you're interested, I am mapping port 80 requests to different machines using nginx.

Yup my bad, I'm just thinking of poking holes straight through the firewall.  Because it's not something that I do I guess I'm a bit rusty!  Which does beg the question as to why Vodafone would prevent this!