SSH and port forwarding

[William24000]

Hi, even if I don't know if my problem is ssh or gargoyle related, I place my question here. If the answere is on a site I haven't found, please post a link. I can read and google, but obviously not good enough

My Setup:

Router 1 connected to internet
LAN ip 192.168.7.1, DHCP activated
portforwarding 22:192.168.7.21:22

Router 2 WAN port connected to LAN of Router 1
WAN IP 192.168.7.21
LAN IP 192.168.1.1 DHCP Activated
portforwarding 22:192.168.1.3:22

Server eth0 connected to LAN of Router 2
eth0 IP 192.168.1.3
ssh server at port22

Server has connection to Internet and I can login from LAN 192.168.1.0/24 to server

If I try to login from Internet, I get the following LOG in putty

Code: Select all

2017-07-01 12:45:07	Looking up host "nnnnnnnnn"
2017-07-01 12:45:07	Connecting to n.n.n.n port 22
2017-07-01 12:45:07	We claim version: SSH-2.0-PuTTY_Release_0.67
2017-07-01 12:45:07	Server version: SSH-2.0-dropbear_2015.67
2017-07-01 12:45:07	Using SSH protocol version 2
2017-07-01 12:45:07	Using Diffie-Hellman with standard group "group14"
2017-07-01 12:45:07	Doing Diffie-Hellman key exchange with hash SHA-1
2017-07-01 12:45:10	Host key fingerprint is:
2017-07-01 12:45:10	ssh-rsa 2048 xxxxxxxxxxxxxx
2017-07-01 12:45:10	Initialised AES-256 SDCTR client->server encryption
2017-07-01 12:45:10	Initialised HMAC-SHA1 client->server MAC algorithm
2017-07-01 12:45:10	Initialised AES-256 SDCTR server->client encryption
2017-07-01 12:45:10	Initialised HMAC-SHA1 server->client MAC algorithm
2017-07-01 12:45:10	Writing new session log (ASCII mode) to file: putty.log
2017-07-01 12:45:18	Sent password
2017-07-01 12:45:18	Password authentication failed

The Password IS correct entered. Where is my failure??

Before I placed gargoyle in the middle, everything worked fine (access to server from outside) This is why I think something with gargoyle is wrong.

Thanks for any help, William

[ispyisail]

Connect your SSH client (putty) to the LAN side of your router 2, then connect.

This will prove its not a.) port forward problem b.) a gargoyle problem as it wound be a LAN to LAN connection.

I suspect this is a SSH problem

[William24000]

Erm it was a problem sitting in front of the monitor.

The Problem ( or missing knowledge on my side):

gargoyle has an own ssh server !!
... I read that, but forgot it.

So, from outside, my login attempt was ending on gargoyle and no mor following the portforwarding rule to the server (as I expected). Because of that, there was a bad password reply as the username I tried was not existing on gargoyle. clear.

Solution is quite easy.
either: change ssh port of gargoyle (didn't try this)
or: change portforwarding in a way, that gargoyle port 22 ist not affected.

Thanks for the help