Hi
I have a home office that needs to perform admin on servers at a remote office. The remote office has (for historical reasons) a Telco-provided Cisco router facing the Internet. That router has an internal address of 192.168.99.0/24. Behind the Cisco, there is a Netgear FVS318 router/switch where all local servers are connected. That network is 10.0.2.0/24. The Netgear's default gw is 192.168.99.1 (the Cisco) and the Cisco-issued IP is 192.168.99.3.
Public IP <-> Cisco <-> 192.168.99.0/24
192.168.99.3 <-> Netgear <-> 192.168.99.1 <gw IP from Netgear>
Netgear <-> local net 10.0.2.0/24, local IP 10.0.2.1
Clients 10.0.2.0/24, default gw 10.0.2.1
All internal clients and servers connect fine to the Internet. From the internal servers I can also use SSH to my home office after configuring port forwarding properly. The problem is when I try to SSH into the remote office. I have configured port forwarding (22/TCP/UDP) in the Netgear to the main local Linux server. According to the Telco support, the Cisco has no firewall active and should pass all inbound packets through. I suspect that the double NAT prevents the SSH packets from reaching the Netgear router. When I run Wireshark on the home office Linux box, I only see an immediate Connection refused back from the public IP of the Cisco.
Any advice? Should I try to remove the Cisco since it obviously does not fulfill any purpose except complicating things?