cancel
Showing results for 
Search instead for 
Did you mean: 
Replies are disabled for this topic. Start a new one or visit our Help Center.

Google Nest Wifi Router not forwarding ssh connection

cabji
Community Member

Hi everyone, 

I am trying to get a ssh connection on port 22 working through my google nest wifi router.

I have done the following:

1. installed OpenSSH server and client on Windows 10 (computer name is Workstation)

2. configured the OpenSSH server on Workstation to accept connection using private key auth

3. can connect to ssh on Workstation INTERNALLY, on the home wifi network.

4. can't connect to ssh on Workstation from EXTERNAL host (named VPS) using private key auth

5. configured google nest wifi router using mobile app. Went to settings, advanced networking, port management, added an entry for Workstation on port 22 TCP & UDP pointing to Workstation's IP address which is static.

6. still can't connect to Workstation from VPS on port 22, only get connection time out messages.

 

other info: i can't ping Workstation's public IP address from VPS. no replies are received. is this normal?

VPS is a link cli so the tools i'm using from there are linux cli tools. (ssh, ping)

 

are there any other settings i need to change to make the 22 port access through the google router work?

7 REPLIES 7

RXShorty
Gold Product Expert
Gold Product Expert

Hi @cabji 

Let me, please confirm what you are trying to achieve.
You are trying to connect to your home workstation by using your VPS.
So VPS makes an SSH connection to your OpenSSH server that runs on your Workstation internally, correct?

Did you set the same internal and WAN port as described HERE?

Another thing to remember is that port 22 is one of the most scanned ports on the internet. It could be handy to use a different port. 🙂

cabji
Community Member

Hi @RXShorty 

What you described is exactly what i'm trying to do.

Yes I have added the port forwarding entry as you described. It still doesn't allow access.

If you configure your ssh server to accept only authentication via key pairs then access is impossible unless someone obtains an authorized private key isn't it?

is there some other reason to not use the default port beside risk of unauthorized access?

I guess my other option is to *pull* data from the VPS over ssh using rsync instead of pushing it to my workstation from the VPS.

RXShorty
Gold Product Expert
Gold Product Expert

Hi @cabji 

Yes, you are correct about the key pair exchange. 

Please note that PING is probably not going to give you any results best is to try to telnet to port 22 to see if you get a response from your VPS. 

Another thing to check is if your Windows Firewall is somehow blocking things.
So your use case is to get data from the VPS to your local workstation correct?
Why not install WinSCP on your Windows workstation and connect to the VPS SSH server? 🤔

cabji
Community Member

Hi @RXShorty 

The aim is to push data from the VPS to the Workstation that is on my home internet connection, which is behind the Google Nest Wifi router.

I could pull the data to the Workstation from the VPS, however this would require creation and maintenance of 2 sets of automation systems/scripts to work. I'd prefer if I could keep everything to do with the automated process on the VPS, which is the "middle point" in the process.

 

I will have to check out if Windows Firewall is affecting the ssh access somehow or not.

Jhonleanmel
Community Specialist
Community Specialist

Hey folks,

 

@RXShorty, thanks for the help.

@cabji, were you able to check your Windows Firewall if it affects your SSH access?

 

Best,

Mel

Yes I had a look and windows firewall shows it as allowing all connections

Jhonleanmel
Community Specialist
Community Specialist

Hey cabji,

We appreciate your interest however, we don't have any news to share about forwarding SSH connections on Google Wifi/Nest Wifi networks. We're always looking for ways to improve and we'll take it as feedback.

I also suggest that you send feedback by following this link. Let me know if you have other questions or concerns, otherwise I’ll be locking this thread after 24 hours. 

Best,

Mel