Get superfast AT&T Fiber internet
marlon_jackson's profile

2 Messages

Sunday, February 25th, 2024 11:22 PM

Simple SSH Server using BGW320 router solved

I needed to do something very simple but could not get this to work for days.
Since I'm using AWS CLI which requires whitelisting IP addresses, and I need to work remotely by connecting my laptop computer to my phone's personal hotspot to SSH to my home server. I have a single IPv4 address facing world and a local network, but I'm using the ATT BGW320 fiber router without doing anything fancy, like passthrough with my own router on the local side.

I had this working fine with my old DSL router, but with the new setup, my SSH attempts timed out.

What I didn't realize was there are two steps necessary when configuring the BGW320:

  1. Most obvious is creating an SSH server service for my home server computer in Firewall > NAT/Gaming. My mistake was thinking that should be all that was needed.
  2. But one more easy step is required. In Firewall > IP Passthrough:
    1. Set Allocation Mode to Default Server.
    2. Choose your server computer by name at Default Server Internal Address dropdown. It will automatically fill in the local IP address.

Viola! It worked fine! I know this simple thing is nothing compared to many solutions posted here, but had I found this information, it would have saved me hours of frustration.

Accepted Solution

ACE - Expert

 • 

35K Messages

2 months ago

But one more easy step is required. In Firewall > IP Passthrough:

Set Allocation Mode to Default Server.

Choose your server computer by name at Default Server Internal Address dropdown. It will automatically fill in the local IP address.

What you have done is port forwarded every TCP and UDP port to your device.  Instead, you should have been able to just port forward TCP 22 (or whatever port you're using instead to obfuscate the fact that it's a SSH port) using the NAT/Gaming subtab of the Firewall tab.  I hope that your system is hardened for having all ports exposed to the Internet.

(edited)

2 Messages

2 months ago

@JefferMC - I should thank you ... I switched it back a few hours later on your advice. 
It turns out my problem had nothing to do with the router configuration (past the NAT/Gaming part), but that I didn't have my server set to be awake for SSH incoming.

I don't have cellular in my house so I have to drive a ways to test it, and it took long enough for my server (which is just a laptop) to sleep. So it would not respond. So dumb of me.
But I have that set up right now, so now my only configuration is that in Step 1 with Firewall > NAT/Gaming. Just add the SSH server service and make sure your server doesn't go to sleep when the screen turns off.

Thank you again!

Not finding what you're looking for?
New to AT&T Community?
New to the AT&T Community? Start by visiting the Community How-To.
New to the AT&T Community?
Visit the Community How-To.