[Simon]

I have a PowerBook running 10.4.2. Its SSH server is running and the firewall has port 22 opened. Ever since I've hooked up the PowerBook through an AirPort Express I can't ssh into it anymore. It works when I plug it in directly into the cable modem, but if it's behind the APX I get a

[-bash]$ ssh simon@***.dyndns.org
ssh: connect to host ***.dyndns.org port 22: Connection refused
[-bash]$ ping ***.dyndns.org
ping: ***.dyndns.org is alive

However, I know the DNS is resolving properly and I'm talking to my PowerBook, but it's as if the APX had closed port 22. NAT and DHCP are set to on in the AirPort Admin utility.

Am I overlooking something here? Did I forget to chose a certain AirPort Utility setting?

[sweetsdream]

Make sure you are redirecting the port in the Airport Admin.

[Simon]

Originally Posted by sweetsdream

Make sure you are redirecting the port in the Airport Admin.

Redirect the port? Could you elaborate?

Doesn't the call to powerbook.somewhere.net:22 get routed to the PowerBook's port 22 by the APX automatically?

Thanks for your help!

[sweetsdream]

Your domain name only points to your external address, which is you Airport. Go into your Airport Admin Utility and select the 'Port Mapping' tab. You have to port external port 22 to internal port 22 to your PowerBook (probably 10.0.1.2 or something).

[Simon]

Originally Posted by sweetsdream

Your domain name only points to your external address, which is you Airport. Go into your Airport Admin Utility and select the 'Port Mapping' tab. You have to port external port 22 to internal port 22 to your PowerBook (probably 10.0.1.2 or something).

That did the trick, thanks!

But now I'm wondering... How do I make sure that my PowerBook will always get 10.0.1.2? If one of my other Macs take that IP for some reason (PowerBook's off or not hooked up to the APX), will that Mac suddenly get port 22 traffic meant to go to the PowerBook? And why did SSH need this, but AFP doesn't? Do I need to do this for every port and service I plan to use remotely? Do I have to open up all BitTorrent ports this way too? Sounds a bit tedious...

[ghporter]

While most DHCP servers tend to reassign the same address to a specific adapter over and over again, you can't depend on that. Just assign the PowerBook a fixed IP (that's outside the range of the DHCP server's addresses) and you're golden.

[Simon]

Originally Posted by ghporter

While most DHCP servers tend to reassign the same address to a specific adapter over and over again, you can't depend on that. Just assign the PowerBook a fixed IP (that's outside the range of the DHCP server's addresses) and you're golden.

Is it enough to tell the PowerBook to use 10.0.1.2 (and the APX will accept that all by itself) or do I have to configure the APX to hand out fixed IP addresses? And if it's the latter, how does the APX know which of my Macs is the PowerBook in question? The MAC address?

Thanks for your help.

[ghporter]

Originally Posted by Simon

Is it enough to tell the PowerBook to use 10.0.1.2 (and the APX will accept that all by itself) or do I have to configure the APX to hand out fixed IP addresses? And if it's the latter, how does the APX know which of my Macs is the PowerBook in question? The MAC address?

Thanks for your help.

You set fixed IPs IN THE COMPUTER. The APX (and any other DHCP server) will assign addresses to anything that requests addresses-and a computer won't do that if it has a fixed address already set.

The problem is that you have to make sure you don't use one of the addresses the DHCP server might use, so you need to know the range of addresses it uses (and I don't know details on this in )the APX. Basically an IP address conflict-when more than one device on the network has the same IP address-can be a real pain, so you need to make sure any fixed addresses can't accidentally be assigned by the DHCP server.

[Simon]

Now I get it. Thanks for your help!