SSH from the PPP0 interface

[Herraiz Stéphane]

Hi,

I can access by SSH to the OCG on the LAN but I can not from the WAN (ppp0) using the ppp0 IP address.

Do I need to do some forwarding?

Could be a mobile provider limitation (France Orange)?

Thanks a lot

[Lonny Knudson]

I don’t believe the OCG blocks ssh (port 22) connections by default. If you didn’t specifically request a public route-able IP address from the mobile provider you are most likely behind a firewall on the carrier’s network.

[Herraiz Stéphane]

Web server or TCP server doesn’t work too.

I tried the provider card on an other mobile router and the web forwarding works…

Is it a problem of routing…?

Thanks

[Lonny Knudson]

It could be a routing issue. Use the ‘route’ command while the ppp link is up to look at the routing table. If you haven’t tried this yet, you may want to try using pppd options defaultroute and replacedefaultroute.

[Herraiz Stéphane]

The route command result :

# route

Kernel IP routing table

Destination Gateway Genmask Flags Metric Ref Use Iface

10.64.64.64 * 255.255.255.255 UH 0 0 0 ppp0

192.168.2.0 * 255.255.255.0 U 0 0 0 eth0

default * 0.0.0.0 U 0 0 0 ppp0

What kind of route I need to add?

Best regards

[Lonny Knudson]

It looks like pppd is making the correct changes to the routing table. What does ifconfig return when the ppp link is up?

[Herraiz Stéphane]

I succeed on disconnecting my Ethernet cable and setting my eth0 port on dhcp mode (no IP address).

That’s my ifconfig result :

# ifconfig

eth0 Link encap:Ethernet HWaddr 00:08:00:87:62:B7

UP BROADCAST MULTICAST MTU:1500 Metric:1

RX packets:0 errors:1 dropped:0 overruns:0 frame:0

TX packets:1 errors:1 dropped:0 overruns:0 carrier:1

collisions:0 txqueuelen:1000

RX bytes:0 (0.0 B) TX bytes:322 (322.0 B)

Interrupt:21 Base address:0x4000

lo Link encap:Local Loopback

inet addr:127.0.0.1 Mask:255.0.0.0

UP LOOPBACK RUNNING MTU:16436 Metric:1

RX packets:48 errors:0 dropped:0 overruns:0 frame:0

TX packets:48 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:3224 (3.1 KiB) TX bytes:3224 (3.1 KiB)

ppp0 Link encap:Point-to-Point Protocol

inet addr:10.241.248.38 P-t-P:10.64.64.64 Mask:255.255.255.255

UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1

RX packets:21 errors:0 dropped:0 overruns:0 frame:0

TX packets:22 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:3

RX bytes:1313 (1.2 KiB) TX bytes:1131 (1.1 KiB)

Then I have no route on eth0 :

# route

Kernel IP routing table

Destination Gateway Genmask Flags Metric Ref Use Iface

10.64.64.64 * 255.255.255.255 UH 0 0 0 ppp0

default * 0.0.0.0 U 0 0 0 ppp0

If I set up my eth0 with a static ip, it is not working…!

Is it possible to make both (ppp0 & eth0) working in the same time?

[Lonny Knudson]

Hi Stephane,

Regarding the ppp link, according to ifconfig the cellular provider is assigning your mobile device a private IP address that is not accessible from the internet. You will need to ask your cellular provider to assign your account a public IP if you want to initiate connections to your device from the internet.

I’m not sure I understand the changes you made regarding the eth0 interface. According to the output of the route command that you posted the other day, the device was correctly configured to use both interfaces at that time.

[Herraiz Stéphane]

Yes you right I was trying with another provider…

How did you check the IP is not accessible form internet?

Here with “working provider” :

# ip a

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN

link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

inet 127.0.0.1/8 scope host lo

2: eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN qlen 1000

link/ether 00:08:00:87:41:d2 brd ff:ff:ff:ff:ff:ff

3: tunl0: <NOARP> mtu 1480 qdisc noop state DOWN

link/ipip 0.0.0.0 brd 0.0.0.0

4: gre0: <NOARP> mtu 1476 qdisc noop state DOWN

link/gre 0.0.0.0 brd 0.0.0.0

5: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 3

link/ppp

inet 81.52.146.214 peer 10.64.64.64/32 scope global ppp0

# route

Kernel IP routing table

Destination Gateway Genmask Flags Metric Ref Use Iface

10.64.64.64 * 255.255.255.255 UH 0 0 0 ppp0

default * 0.0.0.0 U 0 0 0 ppp0

#

# ifconfig

eth0 Link encap:Ethernet HWaddr 00:08:00:87:41:D2

UP BROADCAST MULTICAST MTU:1500 Metric:1

RX packets:0 errors:1 dropped:0 overruns:0 frame:0

TX packets:1 errors:1 dropped:0 overruns:0 carrier:1

collisions:0 txqueuelen:1000

RX bytes:0 (0.0 B) TX bytes:322 (322.0 B)

Interrupt:21 Base address:0x4000

lo Link encap:Local Loopback

inet addr:127.0.0.1 Mask:255.0.0.0

UP LOOPBACK RUNNING MTU:16436 Metric:1

RX packets:14 errors:0 dropped:0 overruns:0 frame:0

TX packets:14 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:936 (936.0 B) TX bytes:936 (936.0 B)

ppp0 Link encap:Point-to-Point Protocol

inet addr:81.52.146.214 P-t-P:10.64.64.64 Mask:255.255.255.255

UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1

RX packets:6 errors:0 dropped:0 overruns:0 frame:0

TX packets:7 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:3

RX bytes:84 (84.0 B) TX bytes:117 (117.0 B)

[Lonny Knudson]

Hi Stephane,

IP addresses in the 10.x.x.x range are reserved for use on private networks and should not exist on the public internet. If an ISP assigns your endpoint an address in this range you are behind a NAT/firewall from the perspective of the public internet.

[Author]

Posts