Sonic noob - Reverse SSH through 5268AC?

Internet access discussion, including Fusion, IP Broadband, and Gigabit Fiber!
3 posts Page 1 of 1
by jmleczko » Fri Jun 07, 2019 8:54 am
Hey All,

So I've got a static IP on my Pace 5268AC modem/router combo. I also have a Netgear Nighthawk hanging off one of the wired ports on the pace. I'm using the pace for wireless and the netgear for wired. Reason being, I have a usb drive hanging off the nighthawk that I have configured as an smb shared drive. Both for backup and media server. I also have an esxi host connected to the nighthawk. I would like to be able to reach my wired devices from outside. So I'm trying to create a reverse ssh tunnel between the pace and the nighthawk.

Here's what I'm trying(on the nighthawk)-> ssh -fN -R 1000:localhost:22 <username>@<static public IP>

The response is asking for a password from the public IP, which tells me I'm getting through. Otherwise I would probably get more of a "denied" type response. I tried admin/<my password>, but it didn't work. I called Sonic Support to find out what the username password combo might be, but they informed me SSH is not supported with their equipment. Truth be told, the person I spoke to didn't seem so sure. He directed me to try the forum. So I'm here.

Has anyone tried this successfully?

Thanks,

-John
by js9erfan » Sun Jun 09, 2019 10:34 am
Without knowing which device is handling DHCP and the reason for using WiFi on the Pace instead of the Nighthawk, I would just enable DMZ+ on the Pace for the Nighthawk (make it your gateway w/ WiFi) and enable the OpenVPN server on your Nighthawk for remote access.

Before I moved to pfSense I used a Nighthawk R7000 running Xwrt-Vortex (a Asuswrt-Merlin fork). A properly configured VPN server with strong encryption, etc. is a better option for your goal of accessing your LAN devices in my opinion... Remote clients act as local clients once connected to the VPN with easy access to your LAN resources (assuming routes and your firewall are setup accordingly). It's also an added bonus for surfing when on the road using unsecured WiFi hotspots, etc. Good luck!
by danielg4 » Fri Jun 21, 2019 11:59 am
DMZ+ mode on the Pace is the best you can hope for with this topology, but using that, the Netgear will fill up the Pace's NAT table pretty quickly, and you will need to power-cycle the Pace all too often because connectivity will keep dying. I strongly recommend you just get rid of the Pace and get something else instead. There are multiple threads on the forum about what models will work.
3 posts Page 1 of 1

Who is online

In total there are 32 users online :: 0 registered, 0 hidden and 32 guests (based on users active over the past 5 minutes)
Most users ever online was 999 on Mon May 10, 2021 1:02 am

Users browsing this forum: No registered users and 32 guests