Hi Aldo, Please also reply to the list, so the other members can read along. I've redacted your MAC addresses in the quote below, because I think they are not needed.
On 7 February 2018 at 23:22, Aldo Maggi <sentini...@virgilio.it> wrote: > I switched the level of logging of ufw to "full" and in "kern.log" I > have found the following: > root@Casa-mia-1:~# cat /var/log/kern.log |grep -i DPT=2222 > Feb 7 23:00:12 Casa-mia-1 kernel: [14311.741791] [UFW AUDIT] IN=eno1 > OUT= MAC=<> SRC=192.168.1.1 > DST=192.168.3.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=27675 DF PROTO=TCP > SPT=45892 DPT=2222 WINDOW=65535 RES=0x00 SYN URGP=0 > > Feb 7 23:08:48 Casa-mia-1 kernel: [14827.858458] [UFW AUDIT] IN=eno1 OUT= > MAC=<> SRC=192.168.1.1 > DST=192.168.3.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=45177 DF PROTO=TCP > SPT=42165 DPT=2222 WINDOW=65535 RES=0x00 SYN URGP=0 > > Feb 7 23:09:50 Casa-mia-1 kernel: [14890.104629] [UFW AUDIT] IN=eno1 OUT= > MAC=<> SRC=192.168.1.1 > DST=192.168.3.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=53838 DF PROTO=TCP > SPT=58074 DPT=2222 WINDOW=65535 RES=0x00 SYN URGP=0 So a connection with destination port 2222 has a destination IP address of 192.168.3.1 in these logs. Your PC has 192.168.3.100, so I think you need to edit the NAT rule that forwards 2222 to point to 192.168.3.100 instead of 192.168.3.1. ~ Gerdriaan > these were three attempt to connect to 192.168.1.120 via ssh on port > 2222 from my smartphone with Ip 192.168.1.4 in fact its Mac > (<>) is included inside "MAC=" > > Thanks for your help! > > Aldo :-) > > > > Il giorno Wed, 7 Feb 2018 22:27:51 +0100 > Gerdriaan Mulder <naaird...@gmail.com> ha scritto: > >> Can you check whether you can access your home pc from the >> 192.168.1.0/24 network? So, connect a device to your router on the LAN >> side, acquire an IP lease in the 192.168.1.0/24 network, and connect >> to 192.168.1.120 on port 2222. >> >> If that doesn't work, can you insert extra logging rules in ufw? >> Packets that would be dropped then appear in /var/log/kern.log, which >> helps debugging your problem. >> >> ~ Gerdriaan >>