SSH into linux behind Sonicwall


aclauson
05-16-2007, 08:42 PM
I'm trying to SSH into my Linux box, which is behind a Sonicwall tz170. I'm accessing it remotely, on the outside of the tz170. I've set up port forwarding to forward port 22 to the Linux box (distro: Redhat Fedora), but can't get a connection to the box. I am able to SSH into the box if I'm behind the tz170, but can't seem to punch through. Any ideas? Does iptables on the Linux box need to be set to accept connections through the tz170?

Thanks!

happybunny
05-16-2007, 09:22 PM
As far as iptables, no. If you are using only 1 interface/NIC on the Linux box, then if it works it works.

Sounds like your Sonicwall is not forwarding correctly, but I know nothing about that.

aclauson
05-16-2007, 09:38 PM
I'll give Sonicwall a call. I didn't think it'd be the Linux box.

rijelkentaurus
05-17-2007, 04:26 PM
You don't say what distro you're using. Many have a firewall running by default on the machine, Red Hat, for instance. I've run into problems with that. Unless you've specified port 22, it will block SSH connections. That, to my mind, is the most likely problem.

It's possible that it's a bum SW, but they're really good products. Make sure the rule is checked... sometimes you accidentally uncheck it so it doesn't process the rule. Check that the IP addresses in the rule and on the Linux box are the same. Basically, triple check all of the obvious stuff. It's usually just a simple config error somewhere; it's hardly ever anything major.

happybunny
05-17-2007, 04:35 PM
But it works fine from within the firewall, so the box is ready and willing to accept SSH connections.

That's why I suspect the SW.

rijelkentaurus
05-17-2007, 05:30 PM
How did I miss that in the original post? My bad. Still, check all of the obvious things, and then make sure the SW has the most up-to-date firmware available; that can fix some bugs. Does any other service experience difficulties, or just SSH? Is there another firewall you can test with? Go here:

https://www.grc.com/x/ne.dll?bh0bkyd2

from within the internal network and let it scan the router to ensure that port 22 is open.
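
An added example, not part of any post in the thread: a small evaluator for iptables-save style INPUT rules, showing how a host firewall can accept SSH from the LAN yet refuse the same connection once it arrives through a port forward. It assumes the firewall forwards port 22 without rewriting the source address, so the Linux box sees the remote client's public IP; the rulesets, addresses and the `input_verdict` helper are constructed for illustration.

```python
import ipaddress
import shlex

# Constructed rulesets in iptables-save syntax (not taken from the thread).
# LAN_ONLY accepts new SSH connections only from the 192.168.1.0/24 LAN.
LAN_ONLY = """\
-P INPUT DROP
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -s 192.168.1.0/24 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
"""
# ANY_SOURCE accepts new SSH connections regardless of source address.
ANY_SOURCE = LAN_ONLY.replace("-s 192.168.1.0/24 ", "")


def input_verdict(rules, src, dport, proto="tcp", iface="eth0"):
    """Verdict of the INPUT chain for a NEW inbound connection.

    Handles only -P, -i, -s, -p, --dport, --state/--ctstate and -j;
    negation ("!") and port ranges are not handled.
    """
    policy = "ACCEPT"
    src_ip = ipaddress.ip_address(src)
    for line in rules.splitlines():
        tok = shlex.split(line)
        if tok[:2] == ["-P", "INPUT"]:
            policy = tok[2]
            continue
        if tok[:2] != ["-A", "INPUT"]:
            continue
        opts = dict(zip(tok[2::2], tok[3::2]))  # option/value pairs
        states = opts.get("--state") or opts.get("--ctstate")
        if states and "NEW" not in states.split(","):
            continue  # rule only matches already-tracked connections
        if "-i" in opts and opts["-i"] != iface:
            continue
        if "-s" in opts and src_ip not in ipaddress.ip_network(opts["-s"], strict=False):
            continue
        if "-p" in opts and opts["-p"] != proto:
            continue
        if "--dport" in opts and int(opts["--dport"]) != dport:
            continue
        if "-j" in opts:
            return opts["-j"]  # first matching rule with a target decides
    return policy


if __name__ == "__main__":
    for name, rules in (("LAN_ONLY", LAN_ONLY), ("ANY_SOURCE", ANY_SOURCE)):
        for src in ("192.168.1.50", "203.0.113.7"):  # LAN host, remote host
            print(name, src, input_verdict(rules, src, 22))
```

On the real machine, `iptables -S INPUT` or `iptables-save` prints the rules in this syntax for comparison.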