I find interesting when faced a taken-for-granted situation, in particular in the tech world. This time’s history is about an Internet ADSL connection that allows all traffic but SSH. Yes, you read it correctly. It was very bizarre confirming such event was a real-life situation.
I don’t claim to be a networking expert but at least I want to think I’m well educated. After few minutes I’ve focused my efforts on dealing with the ADSL router/modem’s networking configuration. The device is provided by Movistar (formerly Telefonica) and it runs OpenRG. I’ve discovered that other people have experienced the same issue and what Movistar did was basically replacing the device. Of course the problem is gone after that.
So, this post is dedicated to those who don’t give up. Following the steps below will allow SSH outbound traffic for a OpenRG-based device.
OpenRG device specs
Software Version: 184.108.40.206.110.1.52 Upgrade Release Date: Oct 7 2014
When you do the command below, it shows nothing but timeout. Even when you SSH the router it doesn’t establish connection to it.
ssh -vv host.somewhere.com
Change router’s SSH service port.
This step will allow you to access the console-based configuration for the router (since I haven’t found any way to do the steps described below from the web management interface).
To do so, go to System > Management > SSH. Update the service port to something else than 22, for instance 2222.
Connect to the SSH interface
Once you have changed the SSH service port, you can access it from a SSH client.
ssh -p 2222 firstname.lastname@example.org email@example.com's password: OpenRG>
Once you have the console prompt, issue the following commands to allow SSH outbound traffic coming from the LAN and Wifi networks. After the last command, which saves and updates the device’s configuration, you should be able to do SSH from any computer in your network to the Internet (thanks to tips from inkhorn).
OpenRG> conf set fw/policy/0/chain/fw_br0_in/rule/0/enabled 0 Returned 0 OpenRG> conf set fw/policy/0/chain/fw_br1_in/rule/0/enabled 0 Returned 0 OpenRG> conf reconf 1 Returned 0