• Establish an alternative connection to an embedded system

    From perf60@gmail.com@1:0/0 to All on Sun Jun 22 07:34:35 2014
    I have an embedded linux system on a remote farm. Usually I ssh into the sy= stem via the farms ADSL/WiFi system (using port forwarding). But sometimes = the traffic on the farm blocks me from connecting.

    To solve this, I have added a GSM/GPRS modem to the system. The modem uses = the gsmmux giving 3 channels /dev/mux0 thru /dev/mux2. I have a python daem=
    on watching SMS messages om /dev/mux1. Then I can send an SMS telling this = daemon to set up ppp on /dev/mux0. After the link is set up, the daemon ans= wer the SMS telling me the IP number of the alternative link.

    Problem is, it does not work to ssh into this IP. Something is obviously mi= ssing in my setup - it only works from the system towards the internet.

    What must I do to enable ssh to access my system via this alternative conne= ction?


    --- MBSE BBS v1.0.1 (GNU/Linux-i386)
    * Origin: The Kofo System II BBS telnet://fido2.kofobb
  • From Andrzej Adam Filip@1:0/0 to All on Sun Jun 22 08:09:21 2014
    perf60@gmail.com wrote:
    I have an embedded linux system on a remote farm. Usually I ssh into
    the system via the farms ADSL/WiFi system (using port forwarding). But sometimes the traffic on the farm blocks me from connecting.

    To solve this, I have added a GSM/GPRS modem to the system. The modem
    uses the gsmmux giving 3 channels /dev/mux0 thru /dev/mux2. I have a
    python daemon watching SMS messages om /dev/mux1. Then I can send an
    SMS telling this daemon to set up ppp on /dev/mux0. After the link is
    set up, the daemon answer the SMS telling me the IP number of the
    alternative link.

    Problem is, it does not work to ssh into this IP. Something is obviously
    missing in my setup - it only works from the system towards the internet.

    What must I do to enable ssh to access my system via this alternative
    connection?

    1) Have you changed ListenAddress in /etc/ssh/sshd_config ?
    2) Have you implemented source based TCP/IP routing to make _both_ links work
    at the same time? [unless your system is for monitoring only]
    3) Have you used tcptracerourote to track TCP connections attempts?
    [ There may be a firewall in between ]
    4) AFAIR some GSM internet providers block incoming TCP connections.
    You may try to overcome it by making outgoing ssh connection over GSM link
    with -R port forwarding

    --
    [Andrew] Andrzej A. Filip - https://www.linkedin.com/in/andfil

    --- MBSE BBS v1.0.1 (GNU/Linux-i386)
    * Origin: It is for me to know and for you to find out
  • From perf60@gmail.com@1:0/0 to All on Sun Jun 22 08:46:01 2014
    kl. 10:09:21 UTC+2 s=F8ndag 22. juni 2014 skrev Andrzej Adam Filip f=F8lgen= de:
    perf60@gmail.com wrote:
    =20
    I have an embedded linux system on a remote farm. Usually I ssh into
    =20
    the system via the farms ADSL/WiFi system (using port forwarding). But
    =20
    sometimes the traffic on the farm blocks me from connecting.
    =20

    =20
    To solve this, I have added a GSM/GPRS modem to the system. The modem
    =20
    uses the gsmmux giving 3 channels /dev/mux0 thru /dev/mux2. I have a
    =20
    python daemon watching SMS messages om /dev/mux1. Then I can send an
    =20
    SMS telling this daemon to set up ppp on /dev/mux0. After the link is
    =20
    set up, the daemon answer the SMS telling me the IP number of the
    =20
    alternative link.
    =20

    =20
    Problem is, it does not work to ssh into this IP. Something is obviousl=
    y missing in my setup - it only works from the system towards the internet. >=20

    =20
    What must I do to enable ssh to access my system via this alternative c=
    onnection?
    =20
    =20
    =20
    1) Have you changed ListenAddress in /etc/ssh/sshd_config ?
    =20
    2) Have you implemented source based TCP/IP routing to make _both_ links =
    work
    =20
    at the same time? [unless your system is for monitoring only]
    =20
    3) Have you used tcptracerourote to track TCP connections attempts?
    =20
    [ There may be a firewall in between ]
    =20
    4) AFAIR some GSM internet providers block incoming TCP connections.
    =20
    You may try to overcome it by making outgoing ssh connection over GSM =
    link
    =20
    with -R port forwarding
    =20
    =20
    =20
    --=20
    =20
    [Andrew] Andrzej A. Filip - https://www.linkedin.com/in/andfil

    Thanks for your answer!

    1) No, ListenAddress is commented. The default is to listen on all local ad= dresses - so do I need to spesify?

    2) No, I do not have the knowledge yet. I believe this is a problem. I gues=
    s I will have to write scripts in the /etc/ppp/ip-up.d and ip-down.p that s= hould modify routing. My system is only monitoring local devices. Any help =
    is very welcome ;-)
    3) Not yet.
    4) I do not know Telenor's (Norway) policy.


    --- MBSE BBS v1.0.1 (GNU/Linux-i386)
    * Origin: The Kofo System II BBS telnet://fido2.kofobb
  • From ein@110:110/2002 to All on Sun Jun 22 09:28:39 2014
    perf60@gmail.com wrote:
    kl. 10:09:21 UTC+2 søndag 22. juni 2014 skrev Andrzej Adam Filip følgende:
    perf60@gmail.com wrote:
    4) AFAIR some GSM internet providers block incoming TCP connections.

    4) I do not know Telenor's (Norway) policy.

    IMHO most probable scenario. We don't have here in Poland any ISP
    provider who allows it by default.

    5) You can use embedded's ssh client to connect back to you while
    creating forwarding connection to itself. Look @ `-L' option in man ssh.

    --- MBSE BBS v1.0.1 (GNU/Linux-i386)
    * Origin: ATMAN - ATM S.A. (110:110/2002@linuxnet)
  • From ein@110:110/2002 to All on Sun Jun 22 09:36:31 2014
    perf60@gmail.com wrote:
    kl. 10:09:21 UTC+2 søndag 22. juni 2014 skrev Andrzej Adam Filip følgende:
    perf60@gmail.com wrote:

    I have an embedded linux system on a remote farm. Usually I ssh into
    the system via the farms ADSL/WiFi system (using port forwarding). But
    sometimes the traffic on the farm blocks me from connecting.

    To solve this, I have added a GSM/GPRS modem to the system. The modem
    uses the gsmmux giving 3 channels /dev/mux0 thru /dev/mux2. I have a
    python daemon watching SMS messages om /dev/mux1. Then I can send an
    SMS telling this daemon to set up ppp on /dev/mux0. After the link is
    set up, the daemon answer the SMS telling me the IP number of the
    alternative link.

    Problem is, it does not work to ssh into this IP. Something is obviously missing in my setup - it only works from the system towards the internet.
    What must I do to enable ssh to access my system via this alternative connection?

    1) Have you changed ListenAddress in /etc/ssh/sshd_config ?
    2) Have you implemented source based TCP/IP routing to make _both_ links work
    at the same time? [unless your system is for monitoring only]
    3) Have you used tcptracerourote to track TCP connections attempts?
    [ There may be a firewall in between ]
    4) AFAIR some GSM internet providers block incoming TCP connections.
    You may try to overcome it by making outgoing ssh connection over GSM link
    with -R port forwarding

    Thanks for your answer!

    1) No, ListenAddress is commented. The default is to listen on all local
    addresses - so do I need to spesify?

    No. Default is listening on all interfaces.

    2) No, I do not have the knowledge yet. I believe this is a problem. I guess
    I will have to write scripts in the /etc/ppp/ip-up.d and ip-down.p that should modify routing. My system is only monitoring local devices. Any help is very welcome ;-)

    It definitely can be the problem. If in your route table ('route -n')
    are two routes to 0.0.0.0/0 and metric for ppp0 default route is higher
    you have found it. :)

    4) Andrew is right, "-R" option in SSH client. I'm still sleeping.


    --- MBSE BBS v1.0.1 (GNU/Linux-i386)
    * Origin: ATMAN - ATM S.A. (110:110/2002@linuxnet)
  • From perf60@gmail.com@1:0/0 to All on Sun Jun 22 10:20:49 2014
    kl. 11:36:31 UTC+2 s=C3=B8ndag 22. juni 2014 skrev ein f=C3=B8lgende:
    perf60@gmail.com wrote:
    =20
    kl. 10:09:21 UTC+2 s=EF=BF=BDndag 22. juni 2014 skrev Andrzej Adam Fili=
    p f=EF=BF=BDlgende:
    =20
    perf60@gmail.com wrote:
    =20

    =20
    I have an embedded linux system on a remote farm. Usually I ssh into
    =20
    the system via the farms ADSL/WiFi system (using port forwarding). Bu=
    t
    =20
    sometimes the traffic on the farm blocks me from connecting.
    =20

    =20
    To solve this, I have added a GSM/GPRS modem to the system. The modem
    =20
    uses the gsmmux giving 3 channels /dev/mux0 thru /dev/mux2. I have a
    =20
    python daemon watching SMS messages om /dev/mux1. Then I can send an
    =20
    SMS telling this daemon to set up ppp on /dev/mux0. After the link is
    =20
    set up, the daemon answer the SMS telling me the IP number of the
    =20
    alternative link.
    =20

    =20
    Problem is, it does not work to ssh into this IP. Something is obviou=
    sly missing in my setup - it only works from the system towards the interne=
    t.
    =20
    What must I do to enable ssh to access my system via this alternative=
    connection?
    =20

    =20
    1) Have you changed ListenAddress in /etc/ssh/sshd_config ?
    =20
    2) Have you implemented source based TCP/IP routing to make _both_ lin=
    ks work
    =20
    at the same time? [unless your system is for monitoring only]
    =20
    3) Have you used tcptracerourote to track TCP connections attempts?
    =20
    [ There may be a firewall in between ]
    =20
    4) AFAIR some GSM internet providers block incoming TCP connections.
    =20
    You may try to overcome it by making outgoing ssh connection over G=
    SM link
    =20
    with -R port forwarding
    =20
    =20
    =20
    Thanks for your answer!
    =20
    =20
    =20
    1) No, ListenAddress is commented. The default is to listen on all loca=
    l addresses - so do I need to spesify?
    =20
    =20
    =20
    No. Default is listening on all interfaces.
    =20
    =20
    =20
    2) No, I do not have the knowledge yet. I believe this is a problem. I =
    guess I will have to write scripts in the /etc/ppp/ip-up.d and ip-down.p th=
    at should modify routing. My system is only monitoring local devices. Any h= elp is very welcome ;-)
    =20
    =20
    =20
    It definitely can be the problem. If in your route table ('route -n')
    =20
    are two routes to 0.0.0.0/0 and metric for ppp0 default route is higher
    =20
    you have found it. :)
    =20
    =20
    =20
    4) Andrew is right, "-R" option in SSH client. I'm still sleeping.

    This in the "normal" table in the remote system:
    root@cooly:~# route -n
    Kernel IP routing table
    Destination Gateway Genmask Flags Metric Ref Use Ifa=
    ce
    0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 eth=
    0
    192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth=
    0

    After setting up ppp it looks like this:

    root@cooly:~# route -n
    Kernel IP routing table
    Destination Gateway Genmask Flags Metric Ref Use Ifa=
    ce
    0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 eth=
    0
    10.0.0.1 0.0.0.0 255.255.255.255 UH 0 0 0 ppp=
    0
    192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth=
    0

    What is the simplest way to obtain my goal of using ppp0 to ssh into (or ou= tof . the -R case)? Some scripting required?


    --- MBSE BBS v1.0.1 (GNU/Linux-i386)
    * Origin: The Kofo System II BBS telnet://fido2.kofobb
  • From Pascal Hambourg@110:110/2002 to All on Sun Jun 22 10:37:18 2014
    Reply-To: pascal.news@plouf.fr.eu.org

    perf60@gmail.com a ‚crit :

    After setting up ppp it looks like this:

    root@cooly:~# route -n
    Kernel IP routing table
    Destination Gateway Genmask Flags Metric Ref Use
    Iface
    0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 eth0 10.0.0.1 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0

    1) The peer on ppp0 has a private IP address. If ppp0 has a private IP
    address too, then it is not directly reachable from the public internet.

    2) The routing table does not have a default route on ppp0. Indeed pppd
    ignores the "defaultroute" option if a default route already exists,
    unless the "replacedefaultroute" flag (which IIRC is absent from
    upstream pppd but implemented by some distributors such as openSUSE or
    Debian) is added to it.

    --- MBSE BBS v1.0.1 (GNU/Linux-i386)
    * Origin: Plouf ! (110:110/2002@linuxnet)
  • From ein@110:110/2002 to All on Sun Jun 22 11:45:39 2014
    Pascal Hambourg wrote:
    2) The routing table does not have a default route on ppp0. Indeed pppd ignores the "defaultroute" option if a default route already exists,
    unless the "replacedefaultroute" flag (which IIRC is absent from
    upstream pppd but implemented by some distributors such as openSUSE or Debian) is added to it.

    Interesting.

    Referring to author's SSH forwarding question:
    You need setup pppd to do the following after each connection:
    root@cooly:~# ssh root@server -p 22 -R 222:192.168.1.X:22 -v
    Where:
    -p 22 - is the port number of SSH @ server
    X - is IP address of eth0 interface @ cooly
    -v - be verbose

    ssh root@server -p 22 -R 222:192.168.1.X:22
    In big shortcut it means: connect to server at port 22 and forward TCP
    traffic from server's 222 port of loopback interface (127.0.0.1) through
    SSH connection to cooly's 192.168.1.X:22.

    Then you can reach cooly from server like this:
    root@server:~# ssh root@127.0.0.1 -p 222

    Please use documentation to discover how to provide pppd scripting. http://www.tldp.org/HOWTO/PPP-HOWTO/ip-up.html

    Then add this options to ssh @ cooly
    -N Do not execute a remote command. This is useful for just
    forwarding ports (protocol version 2 only).
    -f Requests ssh to go to background just before command execution.

    You should also setup RSA key auth. instead of using passwords, generate
    keys longer than or equal to 2048B.
    Root account isn't required, but only root can open ports bellow 1024
    AFAIR. Use higher port instead when using different account than root.


    --- MBSE BBS v1.0.1 (GNU/Linux-i386)
    * Origin: ATMAN - ATM S.A. (110:110/2002@linuxnet)
  • From perf60@gmail.com@1:0/0 to All on Sun Jun 22 12:15:24 2014
    kl. 13:45:39 UTC+2 s=F8ndag 22. juni 2014 skrev ein f=F8lgende:
    Pascal Hambourg wrote:
    =20
    2) The routing table does not have a default route on ppp0. Indeed pppd
    =20
    ignores the "defaultroute" option if a default route already exists,
    =20
    unless the "replacedefaultroute" flag (which IIRC is absent from
    =20
    upstream pppd but implemented by some distributors such as openSUSE or
    =20
    Debian) is added to it.
    =20
    =20
    =20
    Interesting.
    =20
    =20
    =20
    Referring to author's SSH forwarding question:
    =20
    You need setup pppd to do the following after each connection:
    =20
    root@cooly:~# ssh root@server -p 22 -R 222:192.168.1.X:22 -v
    =20
    Where:
    =20
    -p 22 - is the port number of SSH @ server
    =20
    X - is IP address of eth0 interface @ cooly
    =20
    -v - be verbose
    =20
    =20
    =20
    ssh root@server -p 22 -R 222:192.168.1.X:22
    =20
    In big shortcut it means: connect to server at port 22 and forward TCP
    =20
    traffic from server's 222 port of loopback interface (127.0.0.1) through
    =20
    SSH connection to cooly's 192.168.1.X:22.
    =20
    =20
    =20
    Then you can reach cooly from server like this:
    =20
    root@server:~# ssh root@127.0.0.1 -p 222
    =20
    =20
    =20
    Please use documentation to discover how to provide pppd scripting.
    =20
    http://www.tldp.org/HOWTO/PPP-HOWTO/ip-up.html
    =20
    =20
    =20
    Then add this options to ssh @ cooly
    =20
    -N Do not execute a remote command. This is useful for just
    =20
    forwarding ports (protocol version 2 only).
    =20
    -f Requests ssh to go to background just before command execution.
    =20
    =20
    =20
    You should also setup RSA key auth. instead of using passwords, generate
    =20
    keys longer than or equal to 2048B.
    =20
    Root account isn't required, but only root can open ports bellow 1024
    =20
    AFAIR. Use higher port instead when using different account than root.

    Thanks! I have lots to learn, but this looks promising.
    I have another ppp configuration which gives me this routing table:

    root@cooly:# route -n
    Kernel IP routing table
    Destination Gateway Genmask Flags Metric Ref Use Ifa=
    ce
    0.0.0.0 0.0.0.0 0.0.0.0 U 0 0 0 ppp=
    0
    192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth=
    0
    192.168.254.254 0.0.0.0 255.255.255.255 UH 0 0 0 ppp=
    0

    What would the implications for remote ssh be in this case? Which should I = use?

    --- MBSE BBS v1.0.1 (GNU/Linux-i386)
    * Origin: The Kofo System II BBS telnet://fido2.kofobb
  • From Pascal Hambourg@110:110/2002 to All on Sun Jun 22 12:20:43 2014
    Reply-To: pascal.news@plouf.fr.eu.org

    perf60@gmail.com a ‚crit :

    I have another ppp configuration which gives me this routing table:

    What do you mean by "another ppp configuration" ?

    root@cooly:# route -n
    Kernel IP routing table
    Destination Gateway Genmask Flags Metric Ref Use
    Iface
    0.0.0.0 0.0.0.0 0.0.0.0 U 0 0 0 ppp0 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 192.168.254.254 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0

    What would the implications for remote ssh be in this case? Which should I
    use?

    Now there is a default route on ppp0, but the remote peer still has a
    private address, in a different prefix. What about the local IP address
    on ppp0 ?

    --- MBSE BBS v1.0.1 (GNU/Linux-i386)
    * Origin: Plouf ! (110:110/2002@linuxnet)
  • From David Brown@110:110/2002 to All on Sun Jun 22 12:45:37 2014
    On 22/06/14 09:34, perf60@gmail.com wrote:
    I have an embedded linux system on a remote farm. Usually I ssh into
    the system via the farms ADSL/WiFi system (using port forwarding).
    But sometimes the traffic on the farm blocks me from connecting.

    To solve this, I have added a GSM/GPRS modem to the system. The modem
    uses the gsmmux giving 3 channels /dev/mux0 thru /dev/mux2. I have a
    python daemon watching SMS messages om /dev/mux1. Then I can send an
    SMS telling this daemon to set up ppp on /dev/mux0. After the link is
    set up, the daemon answer the SMS telling me the IP number of the
    alternative link.

    Problem is, it does not work to ssh into this IP. Something is
    obviously missing in my setup - it only works from the system towards
    the internet.

    What must I do to enable ssh to access my system via this alternative connection?


    Based on other posts here, you have an issue with routing tables once
    ppp0 is up. However, here are a couple more points:

    You might need to re-start the sshd daemon after bringing up ppp0 so
    that it listens on that interface too.

    Telenor does not block incoming TCP sessions on GPRS as far as I know -
    though I have only used it for outgoing connections.

    Since you are using SMS to initiate the connection, it makes a lot more
    sense for the board to connect to a server than to open a connection
    into the board. In many cases, if you are on an existing network then
    your board can initiate a connection to an outside server directly. So
    when it receives the SMS, it should then connect to the server via
    Ethernet or Wifi before trying to fall back to GPRS (which is usually
    slow and expensive).

    There are a couple of convenient ways to make this connection and let
    you then get into the system. Reverse ssh is one that has been
    mentioned. Another is openvpn - have the SMS trigger opening an openvpn tunnel to your server, and then you have a "direct" connection into your
    box (over ethernet, wifi, gprs, whatever).

    When you set up your routing tables and pppd scripts, you probably don't
    want to change the default routes. A better idea could be to add a
    static route that routes connection to your server - but only your
    server - via GPRS. I don't know what other traffic you have on your
    system, but usually you only want specific and limited traffic over GPRS
    to minimise running costs.

    mvh.,

    David

    --- MBSE BBS v1.0.1 (GNU/Linux-i386)
    * Origin: A noiseless patient Spider (110:110/2002@linuxnet)
  • From perf60@gmail.com@1:0/0 to All on Sun Jun 22 12:46:41 2014
    kl. 14:20:43 UTC+2 s=F8ndag 22. juni 2014 skrev Pascal Hambourg f=F8lgende:
    perf60@gmail.com a =EF=BFoecrit :
    =20
    =20
    =20
    I have another ppp configuration which gives me this routing table:
    =20
    =20
    =20
    What do you mean by "another ppp configuration" ?
    =20
    =20
    =20
    root@cooly:# route -n
    =20
    Kernel IP routing table
    =20
    Destination Gateway Genmask Flags Metric Ref Use=
    Iface
    =20
    0.0.0.0 0.0.0.0 0.0.0.0 U 0 0 0=
    ppp0
    =20
    192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0=
    eth0
    =20
    192.168.254.254 0.0.0.0 255.255.255.255 UH 0 0 0=
    ppp0
    =20
    =20
    =20
    What would the implications for remote ssh be in this case? Which shoul=
    d I use?
    =20
    =20
    =20
    Now there is a default route on ppp0, but the remote peer still has a
    =20
    private address, in a different prefix. What about the local IP address
    =20
    on ppp0 ?


    "another ppp configuration": The file named in the pppd call <file> is diff= erent - setting up a default route. Cooly has IP address 192.168.1.30

    The IP address on ppp0 is given by Telenor during the pppd dialog.

    I will try to do what "ein" wrote.



    --- MBSE BBS v1.0.1 (GNU/Linux-i386)
    * Origin: The Kofo System II BBS telnet://fido2.kofobb
  • From Pascal Hambourg@110:110/2002 to All on Sun Jun 22 13:05:56 2014
    Reply-To: pascal.news@plouf.fr.eu.org

    perf60@gmail.com a ‚crit :

    Cooly has IP address 192.168.1.30

    This is the address on eth0. Irrelevant.

    The IP address on ppp0 is given by Telenor during the pppd dialog.

    Of course it is. I am asking whether it is a private or public address.
    If it is a private adress, you cannot connect to it from the outside.

    --- MBSE BBS v1.0.1 (GNU/Linux-i386)
    * Origin: Plouf ! (110:110/2002@linuxnet)
  • From perf60@gmail.com@1:0/0 to All on Sun Jun 22 13:26:59 2014
    kl. 15:05:56 UTC+2 s=F8ndag 22. juni 2014 skrev Pascal Hambourg f=F8lgende:
    perf60@gmail.com a =EF=BFoecrit :
    =20
    =20
    =20
    Cooly has IP address 192.168.1.30
    =20
    =20
    =20
    This is the address on eth0. Irrelevant.
    =20
    =20
    =20
    The IP address on ppp0 is given by Telenor during the pppd dialog.
    =20
    =20
    =20
    Of course it is. I am asking whether it is a private or public address.
    =20
    If it is a private adress, you cannot connect to it from the outside.
    From the logged dialog (from pppd) apart from nameservers IP numbers I rece= ive:
    local IP address 37.253.96.136
    remote IP address 192.168.254.254
    and the remote IP address finds its way into the routing table.=20
    I assume the 37.253.96.136 address is the external accessible address (loca=
    l to Telenor)

    Trying ssh root@37.253.96.136 from my home does not work.
    Pinging google.com form cooly works.

    Maybe Telenor do not allow incoming connections.
    Maybe the -R approach will work?


    --- MBSE BBS v1.0.1 (GNU/Linux-i386)
    * Origin: The Kofo System II BBS telnet://fido2.kofobb
  • From Pascal Hambourg@110:110/2002 to All on Sun Jun 22 13:47:40 2014
    Reply-To: pascal.news@plouf.fr.eu.org

    perf60@gmail.com a ‚crit :

    From the logged dialog (from pppd) apart from nameservers IP numbers I
    receive:
    local IP address 37.253.96.136
    remote IP address 192.168.254.254
    and the remote IP address finds its way into the routing table.
    I assume the 37.253.96.136 address is the external accessible address (local
    to Telenor)

    Yes. So it is a public address.

    Trying ssh root@37.253.96.136 from my home does not work.
    Pinging google.com form cooly works.

    What path does it use ? eth0 or ppp0 ?

    Maybe Telenor do not allow incoming connections.

    Maybe.

    Maybe the -R approach will work?

    It should. However,

    But sometimes the traffic on the farm blocks me from connecting.

    Have you considered correcting this issue ?

    --- MBSE BBS v1.0.1 (GNU/Linux-i386)
    * Origin: Plouf ! (110:110/2002@linuxnet)
  • From perf60@gmail.com@1:0/0 to All on Sun Jun 22 14:02:16 2014
    kl. 15:47:40 UTC+2 s=F8ndag 22. juni 2014 skrev Pascal Hambourg f=F8lgende:
    perf60@gmail.com a =EF=BFoecrit :
    =20

    =20
    From the logged dialog (from pppd) apart from nameservers IP numbers I =
    receive:
    =20
    local IP address 37.253.96.136
    =20
    remote IP address 192.168.254.254
    =20
    and the remote IP address finds its way into the routing table.=20
    =20
    I assume the 37.253.96.136 address is the external accessible address (=
    local to Telenor)
    =20
    =20
    =20
    Yes. So it is a public address.
    =20
    =20
    =20
    Trying ssh root@37.253.96.136 from my home does not work.
    =20
    Pinging google.com form cooly works.
    =20
    =20
    =20
    What path does it use ? eth0 or ppp0 ?

    Pinging is on ppp0

    =20
    =20
    =20
    Maybe Telenor do not allow incoming connections.
    =20
    =20
    =20
    Maybe.
    =20
    =20
    =20
    Maybe the -R approach will work?
    =20
    =20
    =20
    It should. However,
    =20
    =20
    =20
    But sometimes the traffic on the farm blocks me from connecting.
    =20
    =20
    =20
    Have you considered correcting this issue ?

    Sure! But there are children and foreign guest-workers on the farm, so I ha=
    ve to find an alternative for my low-bandwidth access.
    And there is a football match going on somwhere - i believe there are watch= ers using IP at the farm ;-)


    --- MBSE BBS v1.0.1 (GNU/Linux-i386)
    * Origin: The Kofo System II BBS telnet://fido2.kofobb