Reply
New Member
Posts: 3
Registered: ‎02-04-2018

allow ssh in from WAN

Hello!

 

I have disabled pwd login in sshd, and changed its port. Now i want to enable ssh access into the router from WAN (yes, i really want to do this, seriouslyMan Happy ).

 

So i did this ni the GUI: 

 

And "show firewall" says this (see below).

But i still can't connect from the outside. Any suggestions?

 

  wbr / Alex

 

--------------------------------------------------------------------------------
IPv4 Firewall "WAN_IN":

Active on (eth1,IN)

rule action proto packets bytes
---- ------ ----- ------- -----
10 accept all 17683 10817247
condition - state RELATED,ESTABLISHED

20 accept tcp 0 0
condition - state NEW tcp dpt:42022

30 drop all 0 0
condition - state INVALID

10000 drop all 0 0

--------------------------------------------------------------------------------
IPv4 Firewall "WAN_LOCAL":

Active on (eth1,LOCAL)

rule action proto packets bytes
---- ------ ----- ------- -----
10 accept all 504 58216
condition - state RELATED,ESTABLISHED

20 drop all 92 8020
condition - state INVALID

10000 drop all 244 23619

 

 

Senior Member
Posts: 3,906
Registered: ‎05-15-2014
Kudos: 1394
Solutions: 267

Re: allow ssh in from WAN

[ Edited ]

Access to the router is in WAN_local not in WAN_in ruleset.

 

 See Layman's firewall explanation for further details.

Established Member
Posts: 1,732
Registered: ‎03-02-2016
Kudos: 399
Solutions: 132

Re: allow ssh in from WAN

Changing the port is kind of pointless, since there are many port scanners active that will find your ssh server anyway.

 

The important thing is disabling password authentication and deleting the default "ubnt" user account.

Highlighted
New Member
Posts: 3
Registered: ‎02-04-2018

Re: allow ssh in from WAN

thanks gfunkdave for answering exactly what i was asking about...
Reply