Accepted Answer
I am afraid that, as soon as you have port 22 exposed to the internet, you will have that sort of hacking and it is not all China. It has nothing to do with your domain name being exposed. It is all by guessing IP addresses. Personally I don't open port 22 to the internet, and if I have SSH exposed, I use SSH keys only and not user/pass. My recommended way of accessing a server is to use OpenVPN to connect to your server and then use SSH to the LAN IP. There is more information on securing SSH here.
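Added example (not part of the original post): a small audit that reports whether an sshd_config still allows password logins, which is the "SSH keys only" setup recommended above. The sample configs are constructed, the defaults are OpenSSH's documented ones, and `Match` blocks and `Include` files are not evaluated.

```python
# Added example: report sshd_config settings that still allow password logins.
# DEFAULTS are OpenSSH's documented defaults (assumption: a recent OpenSSH).
DEFAULTS = {
    "passwordauthentication": "yes",
    "kbdinteractiveauthentication": "yes",
    "permitrootlogin": "prohibit-password",
}
# Older configs use the deprecated name for keyboard-interactive auth.
ALIASES = {"challengeresponseauthentication": "kbdinteractiveauthentication"}

# Constructed sample configs, not taken from the thread.
WEAK_SAMPLE = "Port 22\nPasswordAuthentication yes\nPermitRootLogin yes\n"
# The last line is ignored by sshd: the first value for a keyword is kept.
HARDENED_SAMPLE = (
    "# keys only\n"
    "PasswordAuthentication no\n"
    "ChallengeResponseAuthentication no\n"
    "PermitRootLogin prohibit-password\n"
    "PasswordAuthentication yes\n"
)

def effective_settings(config_text):
    """Global settings before any Match block; first occurrence wins."""
    seen = {}
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.replace("=", " ", 1).split(None, 1)
        key = parts[0].lower()
        if key == "match":
            break  # conditional overrides are not evaluated here
        key = ALIASES.get(key, key)
        if key in DEFAULTS and key not in seen and len(parts) == 2:
            seen[key] = parts[1].strip().strip('"').lower()
    return {**DEFAULTS, **seen}

def password_login_findings(config_text):
    """Return a list of settings that leave password-style logins enabled."""
    s = effective_settings(config_text)
    findings = []
    if s["passwordauthentication"] != "no":
        findings.append("PasswordAuthentication is not 'no'")
    if s["kbdinteractiveauthentication"] != "no":
        findings.append("keyboard-interactive auth is not 'no' (PAM can prompt for passwords)")
    if s["permitrootlogin"] == "yes":
        findings.append("PermitRootLogin yes allows root to log in with a password")
    return findings

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK_SAMPLE), ("hardened", HARDENED_SAMPLE)):
        print(name, password_login_findings(cfg))
```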
Accepted Answer
Apparently it's someone in China:
IP address: 188.8.131.52
Region name: Jiangsu
Country name: China
Life Expectency: 71.4
Avg income: 769 EUR
Sub continent: Eastern Asia
Country code: CN
◉ Latitude: 31.998703
◎ Longitude: 119.5784
Accepted Answer
It was a bad idea posting all my data here. Someone is trying to break into my ClearOS install. I have 608 authentication failures via SSH so far.
All from different IPs, but all similar:
And so on.
So, now, what can I do about this ??
Nick can you please erase all domain names and data from your replies ??
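Added example (not part of the original post): one way to summarise SSH authentication failures like the ones described above, grouping them by source address, network and targeted username. The log lines are constructed samples using documentation address ranges, and the "Failed password" line format is an assumption about how sshd logs on the system.

```python
# Added example: summarise failed SSH logins from sshd log text.
import re
from collections import Counter

# Assumed sshd log format for password failures (valid and invalid users).
FAILED = re.compile(
    r"sshd\[\d+\]: Failed password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\d{1,3}(?:\.\d{1,3}){3}) port \d+"
)

# Constructed sample lines, not taken from the thread.
SAMPLE_LOG = """\
Oct  3 04:11:02 gw sshd[2101]: Failed password for root from 203.0.113.14 port 51122 ssh2
Oct  3 04:11:09 gw sshd[2103]: Failed password for invalid user admin from 203.0.113.77 port 40210 ssh2
Oct  3 04:11:15 gw sshd[2107]: Failed password for root from 198.51.100.9 port 33801 ssh2
Oct  3 04:11:21 gw sshd[2109]: Failed password for invalid user test from 203.0.113.201 port 58002 ssh2
Oct  3 04:12:40 gw sshd[2120]: Accepted publickey for alice from 192.0.2.10 port 50514 ssh2
Oct  3 04:12:58 gw sshd[2124]: Failed password for root from 203.0.113.14 port 51190 ssh2
"""

def summarize_failures(log_text):
    """Count failed password logins per source IP, /24 network and username."""
    by_ip, by_net, by_user = Counter(), Counter(), Counter()
    for line in log_text.splitlines():
        m = FAILED.search(line)
        if not m:
            continue  # successful logins and unrelated lines are skipped
        ip = m.group("ip")
        by_ip[ip] += 1
        by_net[ip.rsplit(".", 1)[0] + ".0/24"] += 1
        by_user[m.group("user")] += 1
    return {
        "total": sum(by_ip.values()),
        "sources": len(by_ip),
        "top_networks": by_net.most_common(3),
        "top_users": by_user.most_common(3),
    }

if __name__ == "__main__":
    for key, value in summarize_failures(SAMPLE_LOG).items():
        print(key, value)
```

Many distinct sources with only a few attempts each, as in the post, show up here as a high `sources` count relative to `total`.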
Accepted Answer
Hello Nick,
Thanks for all the help. My ISP uses CGNAT, so I was never going to be able to make things work properly. Fortunately I asked nicely and they gave me a public IP, which is now resolving to poweredbyclear as my DynDNS. All good now.
Thanks again, will now get back to trying to make the mail server work, and relay through mailjet, which is pretty much the last thing I need to do to get everything I wanted working. Oh and either nextcloud or owncloud, yes that too.
Accepted Answer
If your ISP is using NAT, you need to get them to port forward 184.108.40.206 to 100.64.165.134. Good luck with that. Perhaps you could just ask them for a public routable IP for your router. I am not sure of the correct terminology.
For SSH, edit C:\\Users\\manue/.ssh/known_hosts and I think you need to delete line 2.
From the internet you should not get any response from 192.168.100.100 and 192.168.100.1 as they are non-routable private IPs.
Yes, curl ifconfig.co gives me
My router's WAN address is , I am not connected via 4g, it is a traditional ISP, in fact it's optic fiber.
I will check with my ISP as to how they are redirecting to my router, surely it should be NAT, otherwise I would not be able to find my server, which at times I have been able to access directly. I am having trouble now with SSH as it says :
So this is getting more complicated and clearly something changed, as I'm not able to SSH directly. Considering that I'm doing this on the open internet, I'm probably trying to SSH somebody else, and probably should stop.
My ISP must be redirecting from to , other than that I do not understand why I would have two IP addresses with my ISP.
To sum things up, it would seem that is working properly until it reaches my ISP, would you agree with that ??
I have tried pinging and get request time out.
Pinging and get the same result.
Pinging and pinging both work. But they are very generic and I might be pinging anything really, not necessarily my server, in fact probably not.
Today is a religious holiday, so nobody at the ISP is answering, I'll get back to you with more information tomorrow. Maybe the ISP is blocking ports 22, 80, 81 and 443, and that is the reason this happens.
Accepted Answer
Does "curl ifconfig.co" give 220.127.116.11? Are you by any chance connecting to the internet by 4g?
I am concerned that you give 2 IP addresses, 18.104.22.168 and 100.64.165.134. I've seen that with 4g connections where the phone gets one IP (like your 100.64.165.134) but ifconfig.co reports another IP like 22.214.171.124. To me this indicates the ISP is NAT'ing your connection which means you can never reach your router.
From ClearOS can you try a "traceroute 126.96.36.199" or anywhere reachable.
The DNS may route almost as you say but traffic does not.
From what I can see acadia.host has an A record pointing to 188.8.131.52. If that is your IP then I am puzzled unless they have some sort of DDNS or unless you update this IP manually.
I can see www.acadia.host is a CNAME record pointing to acadiahost.poweredbyclear.com which then points to 184.108.40.206. I would expect this sort of set up.
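Added example (not part of the original post): the check described above, comparing the address on the router's WAN interface with the address an outside service such as ifconfig.co reports. 100.64.165.134 and 192.168.100.100 are the addresses quoted in the thread; 203.0.113.20 is a constructed placeholder for the externally observed address.

```python
# Added example: decide whether inbound port forwards can work at all.
import ipaddress

# RFC 6598 shared address space, used by ISPs for carrier-grade NAT.
CGNAT = ipaddress.ip_network("100.64.0.0/10")
# RFC 1918 private ranges.
PRIVATE = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def classify(addr):
    """Return 'cgnat', 'private' or 'public' for an IPv4 address string."""
    ip = ipaddress.ip_address(addr)
    if ip in CGNAT:
        return "cgnat"
    if any(ip in net for net in PRIVATE):
        return "private"
    return "public"

def inbound_path(wan_ip, observed_public_ip):
    """Compare the WAN interface address with the externally observed one."""
    kind = classify(wan_ip)
    if kind == "cgnat":
        return "cgnat"        # ISP is NAT'ing; only the ISP can forward ports
    if kind == "private":
        return "double-nat"   # another router upstream must forward ports too
    if ipaddress.ip_address(wan_ip) == ipaddress.ip_address(observed_public_ip):
        return "direct"       # port forwards on this router can be reached
    return "mismatch"         # public WAN address, but traffic leaves via another

if __name__ == "__main__":
    observed = "203.0.113.20"  # constructed placeholder
    for wan in ("100.64.165.134", "192.168.100.100", "203.0.113.20"):
        print(wan, "->", inbound_path(wan, observed))
```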
Accepted Answer
ClearOS is in Gateway mode
External IPs are:
I have two subnets -
I have only one powered by clear domain - a
This is what I get when I ping my domain:
OK, now nothing is working, I tried pinging which is my gateway address, etc and same result, request timed out. I can't understand where the disconnect is.
Accepted Answer
I think you're going to have to give details.
Is ClearOS in Standalone or Gateway mode?
What is its external IP?
If it is in Gateway mode, what is its LAN subnet?
Where is Porkbun in your network? No traffic should be routed through it if it is a DNS server. It should just do DNS lookups.
What is your poweredbyclear.com domain and what other domains are having problems?
What port forwards do you have on your router? Note you can only forward a port to one device, so if you forward SSH to your WAP, you cannot also forward it to ClearOS unless you use a different incoming port.
When using your domain, why do you think you route to DNS > ClearOS > ISP? Are you doing this from your LAN or from the internet? If it does not work, what IP does it see from your domain (ping the domain)?
Accepted Answer
Hello Nick,
As far as I can tell, I have three IP addresses, my ISPs - my router's and my "gateway"'s IP.
The clear OS IP changes almost every month as it is DDNS, I had not had an issue with this before as I had managed to set it up properly.
I am port forwarding, proof is that if I SSH from the internet, I connect using my cell phone's hotspot, SSH directly to my gateway IP works fine. But when I SSH to my domain (which routes to my DNS server, then to clear, then to my ISP) it does not work. I have a login website that takes me to clear login. This small site is not loading when using my domain, or any subdomain.
There is clearly a disconnect between the Porkbun (DNS server), ClearOS, and my ISP. As I can connect if I don't use the domain route.
I believe my ISP has all ports forwarded, but am checking now. Clearly port 22 is open or being forwarded to my router, I am checking the rest. But it is clear so far that it is a domain related issue, more than a port problem.
Hope you can help me.
PS the only change I have made recently is that I upgraded from community to home version. All the rest is the same. I have changed some firewall permissions since then, but everything works well now inside my two lans. I am able to connect, see the mini site, SSH etc. inside my setup. It is from the outside that the issue presents itself.
Accepted Answer
Is your router performing NAT (so working in router mode)? If so, what external IP does your router show? If it is in bridge mode, what is the ClearOS WAN IP?
From the command line, what do you get from "curl ifconfig.co"
If your router is in router mode, you will need to forward ports you want to use to ClearOS.
Is ClearOS in Gateway or Standalone mode?
Accepted Answer
I hate bumping my own post but I'm going to add some more information, maybe someone can help me.
I can see my website from any device in my internal LAN, nevertheless I connect to my ISP router and I can't access it. So I'm thinking it's a disconnect between my server and my router. I have ports forwarded from the ISP router to my clearos server and have the same ports open in clearos.
I recently upgraded from community edition to home edition, maybe a setting changed and I'm blocking a port, or something, that is not allowing access to my website.
I have the following apps up and running:
1-1 NAT Firewall
The only one with settings for my webconfig port 81 is the incoming firewall. Should I change a setting in any of the other apps ?? Open a port somewhere else ??