Bitvise SSH Blocked

[LT72884]

OK, im new here, but not to networking. I am having the oddest issues with my ssh server. Im going to provide alot of detail, as to not miss anything.

First, i USED to have xfinity as my ISP. Then, due to circumstances out of my control, we had to switch to CenturyLink. When i had xfinity, the ssh server worked flawless!! Now, i can only access it from INSIDE my lan.

Second. I have contacted centurylinks net engineers asking if they block the ssh protocol or ports. They have informed me that they only block port 25 and they will not block at the protocol level.

Ok, so in theory, i SHOULD be able to access my ssh server from the outside world like i used to before i had to switch ISP's.... but i cant.

things i have tried:
On my router, i added the following exception to the firewall and to test port forwarding. I then used a game server as my test subject and low and behold, friends can log into the game no issues. BUT ssh will not work, even over port 443, 22, OR 25565. I can get every other service to work over those ports, except ssh. i have even tried random ports such as 8022, 5322, etc. Yes, i did make sure to add those to the firewall and prot forwarding list. I just have removed them until i can get this to work haha

On my windows 10 firewall:

On my BITVISE ssh server:
Listening on port 443,22,25565

I have even dared to turn OFF all firewalls, including the one in the router and it still will not EVEN hit my server. The normal behavior of bitvise server is, anytime someone connects, it shows a popup on the bottom right of my screen stating that a pc is trying to make a connection. When i try from the Lan side, the popup shows and i connect. From the outside, no popup, no server entries, no logs, just error 10060 timeout on the client side.

I feel like, once i switched ISP's something happened either with a file in the PC or firewall im not aware of.

Please help me

thanks

 

[Regedit32]

Any chance you're using a Static IP that is associated with your old ISP and you now need to change the Static IP?

 

[LT72884]

Any chance you're using a Static IP that is associated with your old ISP and you now need to change the Static IP?

Not that i am aware of. Everything with Xfinity was dynamic.. unless i switched something. When i get home ill check all my interface cards and server setup to double check. Ill also turn off internwt sharing.

Its ao strange that i can access my test game server(minecraft) via the outside world, but ssh... nope.

Thanks. Are there any files or other configs im not thinking of?

 

[LT72884]

Ok, as per requested, i have checked all IP's and they are all correct. unless i misunderstood you, haha, which can happen. I wonder if i should do an nmap scan on my public IP just to see what happens. i COULD have a faulty router that just doesnt know how to route haha

Here is what happens for me. This snippit is from the CLIENT logs, not the server:

Thanks

 

[LT72884]

Ok, this just happened
As soon as i logged in from my local side, a bunch of ssh connections from Asia started to hit my server. they were all denied. I then logged out, waited a few minutes and did it again, with same exact same result. Im wondering if my PC has a backdoor on it so anytime i ssh into it, the backdoor calls home to its creator?? The asia address ONLY tries to connect when i have logged into my ssh server successfully. Check out these logs:

EDIT: i have confirmed no backdoor. ASIA is just busy ping sweeping tonight. im watching my logs fill up fast haha. Im just happy SOMEONE can hit my server, wish it were me, but sadly i cant nor my friends can generate logs on my server. But why can ASIA?

sorry for the random posts, but this server stuff gets tricky and risky if not careful

thanks again

 

[Regedit32]

Are you trying to connect via Root?

If you are trying to connect via root, is the PermitRootLogin set to yes or no in /etc/ssh/sshd_config?

I assume you are using Password Authentication so have you checked that it enabled in /etc/ssh/sshd_config?

 

[LT72884]

I am using a private/public key for authentication

I have only user account created with bitvise server and i think its a non root account. Bitvise server doesnt really deal with root stuff on win 10 as far as a i am aware. The server has its own gui where you configure everything.

The main issue is, somewhere along the line, before the request hits the server, the packets are dropped because the server never responds to the requests or even rejects them. Thats what error 10060 is. I cant connect, my friends cant connect, i tried from 4 school pc's, library pcs and nothing. I have tried from at least 10 different public ips to try and connect and all attemps aare the same error. But yet asia can get in and the server rejects them. I have not even had the pleasure of my server rejecting me, my request never makes it.

In all my career, i have never seen this haha.

Thanks for your replies

 

[Regedit32]

I've been racking my brain over night regarding your issue, trying to remember how you authenticate a User.

I'm fairly certain you have to add Users to a list for them to be able to access your setup, but I can't recall where you do that.

If they are using a public/private key to connect, then that is in effect acting as an authenticator but given anyone could get access to this key there must be a config somewhere in your setup where you create a list of Users who will be recognized as authenticated sign-ins.

I know you mentioned you contacted your new ISP, but I am wondering whether there is something they are not telling you given all your woes began after switching ISPs.

Have you also checked your router settings to confirm port 22 is available for its purpose?

 

[LT72884]

"Have you also checked your router settings to confirm port 22 is available for its purpose? "

Yes, i have done that. In fact, last night, after i replied, i turned on the server for 1 hour. I had 35 attempts on port 22 from random users doing scans or trying to connect. So i know the router and firewall is working great. Maybe the reason the server is showing those attempts from the random 35 users, are because they are scans and not actual full connects. maybe stealth scans and the ssh service is being wrapped in another low level protocol?? i never thought of that tell just now. I bet you thats why it shows the attempts.... they are using a tcp wrapper

BUT, anytime i try to connect to my server, or have someone else at work, school, or a friends house try and connect via ssh... no attempts even show up on the server log. They all get the same "flow socket error 10060" message back from the ssh client.

"I know you mentioned you contacted your new ISP, but I am wondering whether there is something they are not telling you given all your woes began after switching ISPs."

that may be true. in there reply they did mention that they would block protocols if to many DDOS attacks happened, but is uncommon for that to happen. maybe here in utah there was to much abuse on the ssh protocols so they are blocked

 

[Regedit32]

Is your router uPnP capable?

If it is maybe the simplest thing would be to setup your Server again and let the SSH server manage the router, by enabling Automatically configure router (requires UPnP) in Easy SSH server settings.

 

[LT72884]

Is your router uPnP capable?

If it is maybe the simplest thing would be to setup your Server again and let the SSH server manage the router, by enabling Automatically configure router (requires UPnP) in Easy SSH server settings.

i do not know but i did have that checked.

One thing i have done, the server that i had on my pc was setup with xfinity. I have uninstalled the bitvise server and client. I will be re-installing fresh to see if that makes a difference. If not, then ISP HAS to be the issue haha. ill report back

 

[Iammore]

Elevate Bitvise SSH and connect again. I had the same problem for 3 days. "TCP error code 10060: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond". I resolved it by running Bitvise SSH as an administrator and it worked. Hope this information helps someone.

 

[Jamesm46]

Elevate Bitvise SSH and connect again. I had the same problem for 3 days. "TCP error code 10060: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond". I resolved it by running Bitvise SSH as an administrator and it worked. Hope this information helps someone.

I have elevated Bitvise and I am running it as Administrator but I am still getting the same error.