Topic: PuTTY not connecting with Private Server and Gateway Mode

[jon]

I can't connect to my SME 9.2 server (all updates applied) using PuTTY.   I have gone into server-manager, clicked on the Remote Access page, added my IP Address that I'm connecting from, added the subnet of 255.255.255.255, changed the Secure Shell Access to Allow Public Access, changed the next two options to "Yes" and left the port at 22.   Clicked save. 

When I run PuTTY, I put in the IP Address of SME and that SSH is checked and clicked Open.  I get a box pop up on my Windows screen and then in about 20 seconds, PuTTY times out.   Nothing else.

I reviewed the sshd/current logs and I see: "Server listening on 0.0.0.0 port 22" message. 

Documentation states when using Private Server and Gateway mode: "Additional firewall rules have been configured to drop packets for various services (such as 'ping' requests)."   

Can this be the reason I'm not connecting with PuTTY?   Any other logs I should be looking at?  Thanx.

[janet]

I can't connect to my SME 9.2 server (all updates applied) using PuTTY.   
Documentation states when using Private Server and Gateway mode: "Additional firewall rules have been configured to drop packets for various services (such as 'ping' requests)."   
Can this be the reason I'm not connecting with PuTTY?

Probably.
You can do a port scan at grc.com
You could connect using VPN or similar, & then Putty in, effectively from the local network.
Alternatively change your server mode to Server & Gateway & retest.

[jon]

Probably.
You can do a port scan at grc.com
You could connect using VPN or similar, & then Putty in, effectively from the local network.
Alternatively change your server mode to Server & Gateway & retest.

janet - thanx for your quick response.   

A scan from grc.com shows port 22 (and 23) open - so that's working.   

I then vpn'd into a PC connected to the network (after changing the Secure Shell Access to Local Network Only), and I used PuTTY to successfully log into my server.   So I guess that's what I can do in the future if I need to access a terminal session.   Appreciated!!!

However, I'm still wondering if PS&G mode makes firewall changes that affects programs like PuTTY...   Anyone know? 

[Jean-Philippe Pialasse]

Yes. Private means all is closed on internet side.

Less than 1% of SME server are set  this way, and issues of not being able to connect to x or y services are recurent on the forum.

The setting you refer on adding ip and mask is not related to sshd and putty bit to access to server manager from the outside, while private will prevent access from outside.

Further more if you open a service to outside next event will likely close it again.

What make me think this particular mode needs to be removed from next release.

Do you really need to close all your services from outside ?
Would not you be better to keep all accessible with selectively close some services knowing what you are doing? 

[jon]

Yes. Private means all is closed on internet side.

Less than 1% of SME server are set  this way, and issues of not being able to connect to x or y services are recurent on the forum.
 
[snip]

Do you really need to close all your services from outside ?
Would not you be better to keep all accessible with selectively close some services knowing what you are doing?

Jean-Philippe - appreciate the comments.  This particular site outsources email and its website.  But they really like the other functions of SME - file and print services, robust(!) firewall, backups, DHCP - and most importantly, the almost automatic updates.  PS&G is perfect for them - not a single issue.  If the developers do decide to drop PS&G, then I would kindly suggest a server-manager method of stopping / removing services that are not needed.   Thanx