Forwarding port behide a router

Yesterday I was trying to configure my computer behind a router to enable it for the SSH connection from outside the router. After some google-ing, I found many ways all involving changing the iptables rules, but all turned out to be failures. Finally, under the help of Daizhong, I found the working way to configure my computer in order to solve the problem.

Before beginning all the operation below, you need to setup the router to fix your IP address and set the forwarding port through the ADMIN page (normally is of your router(two steps, first is fixing your IP address and then set the port forwarding).

The following steps are:
Firstly, you need to edit the SSHD configuration file

vi /etc/ssh/sshd_config

to enable the port forwarding you set on the ADMIN page of your router.
Then, you need to edit file

vi /etc/services

to set the value of ssh port to the number you gave before.
After that, you should set the firewall either using terminal or UI tools to allow the port for ssh. The terminal way is by adding the following line into the file /etc/sys config/iptables:

-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport XXXX -j ACCEPT

put your port number to the position of “XXXX”.
In the end, you should set the port allowed under SELinux using:

 sudo semanage port -a -t ssh_port_t -p tcp XXXX

In the end, you can restart the sshd and iptables for a test, by using:

service sshd restart
service iptables restart
ssh username@ip -p XXXX


Note all the commands above need superuser account.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.