TechSpot

Telnet through WAN to UNIX

By gavinseabrook
May 2, 2007
  1. Hey all,

    I just completed a job where they wanted to go wireless and switch ISP. Well, I set up all the new ISP WAN info in the router (WRT54G Linksys wireless router), and set the telnet port (23) to the address of their UNIX server. They use a software called Medical Manager, and we have no problems whatsoever telnetting to this server from inside the network. The problem I am having is that it won't telnet from the WAN address. Let me make a small diagram:

    Router IP: 192.168.2.1
    UNIX SERVER: 192.168.2.99


    The telnet port is forwarded to .99, and I even turned on DMZ to .99, still no telnet to the WAN address. The WAN is pingable from any location I am at, and I have a remote connection to one station there at the office. Has anyone ever experienced this before?

    BTW: I have updated the router to the newest firmware.
     
  2. jobeard

    jobeard TS Ambassador Posts: 13,450   +324

    the port forward needs to originate from the router's PUBLIC IP to the
    unix server ip.

    pst:
    get Telnet working first and then abort all telnet and go for SSH :)
     
  3. Nodsu

    Nodsu TS Rookie Posts: 9,431

    Did you try telnetting from outside your LAN too? Many routers are unable to do loopback connections and you will never be able to connect to your WAN address from the LAN side.
     
  4. Justin

    Justin TS Rookie Posts: 1,595


    This is very true. In just about any instance where NAT is involved (this being one of them), you cannot telnet from the LAN side of the NAT to the WAN address of that network. Also, don't set a host to DMZ as well as have a port forwarded. Remove it as a DMZ host and have just TCP port 23 forwarded from the router to the internal host.

    From there, on an external host, scan port 23 to see if it is open.
     
  5. gavinseabrook

    gavinseabrook TS Rookie Topic Starter Posts: 528

    I have tried telnetting from outside the network. The router still sees the connection attempt to the WAN IP, but it seems to just kinda stop from there. Then in my telnet I get the "Could not open connection to the host, on port 23: connect failed". So it is my assumption that it is either the router, or the server. But I ruled out the server not connecting on port 23 because as I stated, I can connect from inside the network. I actually talked to Linksys and they say to power cycle it, but I truly doubt this will have any effect on the port forwards.
     
  6. Justin

    Justin TS Rookie Posts: 1,595

    Does the server have the router set as its default gateway? If not, it will not function.

    Also, double check to make sure you don't have overlapping forwards - and, remove it as a DMZ host first. Try resetting the router to default settings, then placing the forward rule in.
     
  7. gavinseabrook

    gavinseabrook TS Rookie Topic Starter Posts: 528

    Well, I connected via remote desktop to a different computer there, then telnetted from there.

    I went to the SCOADMIN tools network config. This is what I see

    Local host name: sco
    IP ADDY: 192.168.2.99
    netmask: 255.255.255.0
    Broadcast Addy: 192.168.2.255
    Domain Name: Candelaria.com

    So I don't really see where the option for default gateway would be.
     
  8. Nodsu

    Nodsu TS Rookie Posts: 9,431

    Routing setup maybe? Try the "route" command from a shell and see if you have a "default" or "0.0.0.0" entry.

    Also, the telnet daemon on the server may be configured so that it accepts connections only from LAN. Usually such restrictions are done using hosts.allow and hosts.deny files in /etc
     
  9. gavinseabrook

    gavinseabrook TS Rookie Topic Starter Posts: 528

    Well, they used to have an Instagate EX router, and when that was hooked up, the telnet worked just fine. Once that router went to crap, they moved to the Linksys WRT54G, and now telnet doesn't work. lol.
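
The two server-side checks Nodsu suggests (a "default" or "0.0.0.0" routing entry, and hosts.allow/hosts.deny limiting the telnet daemon to the LAN) as an added example that is not part of any post in this thread. It evaluates a subset of TCP wrappers rules (ALL, exact IP, "192.168.2." prefix, net/mask; no hostnames or EXCEPT); the daemon name `in.telnetd`, the rule files, the routing table text and the outside address 203.0.113.10 are constructed assumptions.

```python
import ipaddress

def has_default_route(routing_table: str) -> bool:
    """True if the routing-table text has a 'default' or '0.0.0.0' destination."""
    return any(line.split()[:1] in (["default"], ["0.0.0.0"])
               for line in routing_table.splitlines())

def _client_matches(pattern: str, ip: str) -> bool:
    if pattern == "ALL":
        return True
    if pattern.endswith("."):          # prefix form, e.g. "192.168.2."
        return ip.startswith(pattern)
    if "/" in pattern:                 # net/mask form, e.g. 192.168.2.0/255.255.255.0
        net = ipaddress.ip_network(pattern, strict=False)
        return ipaddress.ip_address(ip) in net
    return pattern == ip               # exact address

def _any_rule_matches(rules: str, daemon: str, ip: str) -> bool:
    for line in rules.splitlines():
        line = line.split("#", 1)[0].strip()
        if ":" not in line:
            continue
        daemons, clients = (f.replace(",", " ").split() for f in line.split(":")[:2])
        if (daemon in daemons or "ALL" in daemons) and \
                any(_client_matches(p, ip) for p in clients):
            return True
    return False

def tcpd_allows(hosts_allow: str, hosts_deny: str, daemon: str, ip: str) -> bool:
    """TCP wrappers order: a hosts.allow match grants, then a hosts.deny match
    refuses, and a client matching neither file is granted."""
    if _any_rule_matches(hosts_allow, daemon, ip):
        return True
    return not _any_rule_matches(hosts_deny, daemon, ip)

# Constructed sample data (not taken from the server in the thread).
HOSTS_ALLOW = "# LAN only\nin.telnetd: 192.168.2.\n"
HOSTS_DENY = "ALL: ALL\n"
ROUTES_NO_GW = "Destination Gateway Flags\n192.168.2 192.168.2.99 U\n"
ROUTES_WITH_GW = ROUTES_NO_GW + "default 192.168.2.1 UG\n"

if __name__ == "__main__":
    # A port forward keeps the outside source address, so the server sees
    # 203.0.113.10 rather than a LAN address.
    for ip in ("192.168.2.50", "203.0.113.10"):
        print(ip, "allowed:", tcpd_allows(HOSTS_ALLOW, HOSTS_DENY, "in.telnetd", ip))
    print("default route present:", has_default_route(ROUTES_NO_GW))
```

Either result matches the symptom in the thread: without a default route the server's replies to an outside client have no path back through the router, and with LAN-only wrapper rules the forwarded connection is refused by the server even though LAN clients connect normally.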
     
Topic Status:
Not open for further replies.

