Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Plusnet Firewall blocking SSH connections to sites
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Help with my Plusnet services
- :
- Fibre Broadband
- :
- Re: Plusnet Firewall blocking SSH connections to s...
Plusnet Firewall blocking SSH connections to sites
20-02-2015 5:59 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
I am on Plusnet Fibre with static IP address.
Wierd issues with the Plusnet firewall its randomly blocking SSH connections (tried this with a friends plusnet connection to and the result is the same, it works on another friends BT connection so isnt the remote site).
Attempting to SSH (using Putty) to 160.153.52.47 Putty returns error "Server unexpectedly closed network connection".
I can ping the IP address, I can get to the website running on it, http://160.153.52.47/ , I can even connect to the FTP server running on it.
So I pulled out Wireshark...
I can see the TCP packet head off to port 22 on 160.153.52.47 and I get a response back from
1 2015-02-20 16:42:25.295882 192.168.0.188 160.153.52.47 TCP 56029→22 [SYN] Seq=0 Win=8192 Len=0 MSS=1460 WS=4 SACK_PERM=1
2 2015-02-20 16:42:25.471918 160.153.52.47 192.168.0.188 TCP 22→56029 [SYN, ACK] Seq=0 Ack=1 Win=14600 Len=0 MSS=1380 SACK_PERM=1 WS=512
3 2015-02-20 16:42:25.471999 192.168.0.188 160.153.52.47 TCP 56029→22 [ACK] Seq=1 Ack=1 Win=66240 Len=0
4 2015-02-20 16:42:30.662592 160.153.52.47 192.168.0.188 TCP 22→56029 [FIN, ACK] Seq=1 Ack=1 Win=14848 Len=0
5 2015-02-20 16:42:30.662639 192.168.0.188 160.153.52.47 TCP 56029→22 [ACK] Seq=1 Ack=2 Win=66240 Len=0
6 2015-02-20 16:42:30.662711 192.168.0.188 160.153.52.47 TCP 56029→22 [FIN, ACK] Seq=1 Ack=2 Win=66240 Len=0
7 2015-02-20 16:42:30.837308 160.153.52.47 192.168.0.188 TCP 22→56029 [ACK] Seq=2 Ack=2 Win=14848 Len=0
Now, I thought this might be my router firewall, so I carried out a wireshark between the router and the Openreach box (I can see the same conversation encapsulated in the PPPoE session, so am assuming its a plusnet firewall issue). I can SSH to other hosts no problem so its not a block on port 22. And I can ping it so there is a route to the host.
Wierd issues with the Plusnet firewall its randomly blocking SSH connections (tried this with a friends plusnet connection to and the result is the same, it works on another friends BT connection so isnt the remote site).
Attempting to SSH (using Putty) to 160.153.52.47 Putty returns error "Server unexpectedly closed network connection".
I can ping the IP address, I can get to the website running on it, http://160.153.52.47/ , I can even connect to the FTP server running on it.
So I pulled out Wireshark...
I can see the TCP packet head off to port 22 on 160.153.52.47 and I get a response back from
1 2015-02-20 16:42:25.295882 192.168.0.188 160.153.52.47 TCP 56029→22 [SYN] Seq=0 Win=8192 Len=0 MSS=1460 WS=4 SACK_PERM=1
2 2015-02-20 16:42:25.471918 160.153.52.47 192.168.0.188 TCP 22→56029 [SYN, ACK] Seq=0 Ack=1 Win=14600 Len=0 MSS=1380 SACK_PERM=1 WS=512
3 2015-02-20 16:42:25.471999 192.168.0.188 160.153.52.47 TCP 56029→22 [ACK] Seq=1 Ack=1 Win=66240 Len=0
4 2015-02-20 16:42:30.662592 160.153.52.47 192.168.0.188 TCP 22→56029 [FIN, ACK] Seq=1 Ack=1 Win=14848 Len=0
5 2015-02-20 16:42:30.662639 192.168.0.188 160.153.52.47 TCP 56029→22 [ACK] Seq=1 Ack=2 Win=66240 Len=0
6 2015-02-20 16:42:30.662711 192.168.0.188 160.153.52.47 TCP 56029→22 [FIN, ACK] Seq=1 Ack=2 Win=66240 Len=0
7 2015-02-20 16:42:30.837308 160.153.52.47 192.168.0.188 TCP 22→56029 [ACK] Seq=2 Ack=2 Win=14848 Len=0
Now, I thought this might be my router firewall, so I carried out a wireshark between the router and the Openreach box (I can see the same conversation encapsulated in the PPPoE session, so am assuming its a plusnet firewall issue). I can SSH to other hosts no problem so its not a block on port 22. And I can ping it so there is a route to the host.
Message 1 of 6
(1,697 Views)
5 REPLIES 5
Re: Plusnet Firewall blocking SSH connections to sites
20-02-2015 8:04 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Just a thought, the remote host isn't running Fail2Ban or Denyhosts or similar and you've gone and accidentally blacklisted your IP address?
Message 2 of 6
(1,056 Views)
Re: Plusnet Firewall blocking SSH connections to sites
20-02-2015 8:39 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
As far as I am aware its not running anything which would blacklist my IP, though I've never managed to connect to this IP - failed on first attempt.
I managed to teather my laptop to my mobile phone and login, just ran tcpdump on 160.153.52.47 and attempted to connect via plusnet, no trace of my plusnet static IP in the capture for SSH, can see the web requests I make on port 80. Its like the connection never reaches the server.
I managed to teather my laptop to my mobile phone and login, just ran tcpdump on 160.153.52.47 and attempted to connect via plusnet, no trace of my plusnet static IP in the capture for SSH, can see the web requests I make on port 80. Its like the connection never reaches the server.
Message 3 of 6
(1,056 Views)
Re: Plusnet Firewall blocking SSH connections to sites
20-02-2015 8:46 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
i've had no issues using ssh to connect to any server and if I ssh to 160.153.52.47 then it connects ok - although don't have a password to access.
Customer / Moderator
If it helped click the thumb
If it fixed it click 'This fixed my problem'
If it helped click the thumb
If it fixed it click 'This fixed my problem'
Message 4 of 6
(1,056 Views)
Re: Plusnet Firewall blocking SSH connections to sites
20-02-2015 10:50 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Its an odd one, the connection is not making it to the end host (160.153.52.47), my guess is a firewall somewhere in between.
$ ssh -v username@160.153.52.47
OpenSSH_6.6.1p1, OpenSSL 1.0.1j-freebsd 15 Oct 2014
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to 160.153.52.47 [160.153.52.47] port 22.
debug1: Connection established.
debug1: identity file /home/user/.ssh/id_rsa type -1
debug1: identity file /home/user/.ssh/id_rsa-cert type -1
debug1: identity file /home/user/.ssh/id_dsa type -1
debug1: identity file /home/user/.ssh/id_dsa-cert type -1
debug1: identity file /home/user/.ssh/id_ecdsa type -1
debug1: identity file /home/user/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/user/.ssh/id_ed25519 type -1
debug1: identity file /home/user/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1_hpn13v11 FreeBSD-20140420
ssh_exchange_identification: read: Connection reset by peer
$
$ ssh -v username@160.153.52.47
OpenSSH_6.6.1p1, OpenSSL 1.0.1j-freebsd 15 Oct 2014
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to 160.153.52.47 [160.153.52.47] port 22.
debug1: Connection established.
debug1: identity file /home/user/.ssh/id_rsa type -1
debug1: identity file /home/user/.ssh/id_rsa-cert type -1
debug1: identity file /home/user/.ssh/id_dsa type -1
debug1: identity file /home/user/.ssh/id_dsa-cert type -1
debug1: identity file /home/user/.ssh/id_ecdsa type -1
debug1: identity file /home/user/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/user/.ssh/id_ed25519 type -1
debug1: identity file /home/user/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1_hpn13v11 FreeBSD-20140420
ssh_exchange_identification: read: Connection reset by peer
$
Message 5 of 6
(1,056 Views)
Re: Plusnet Firewall blocking SSH connections to sites
21-02-2015 9:14 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
When did you turn off the Plusnet firewall and did you disconnect/reconnect after doing so?
Former Plusnet Staff member. Posts after 31st Jan 2020 are not on behalf of Plusnet.
Message 6 of 6
(1,056 Views)
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Help with my Plusnet services
- :
- Fibre Broadband
- :
- Re: Plusnet Firewall blocking SSH connections to s...