Fact: Recently upgraded from RHEL3 to RHEL4. All was good before then. Problem started immediately after the upgrade.
Fact: The server always works fine when SSH connections are made directly to it
Fact: The server never works when SSH connections are made through the firewall/forwarder
Fact: The firewall/forwarder is SuSE Linux using iptables
Details:
After the upgrade, the SSH server stopped working remotely (from my home to the office). Snoop on the firewall and the SSH server show that my client connection is received by the firewall, natted, sent to the SSH server and received by the SSH server in less than 1.5 seconds. The SSH server never replies. After two additional attempts to connect the client times out. Why isn’t the SSH server replying?
I turned on SSH debugging (sshd -d -d -d) and sent *.debug to /var/log/debug, but there is nothing in /var/log/debug. If the SSH server isn’t replying shouldn’t it log an issue?
I see that the problem is isolated to the forwarder, but I still go back to two things…
1) The only thing that changed was the SSH server and as soon as the upgrade completed it became a problem.
2) The forwarder is passing the traffic to the SSH server correctly. Nothing is different in this snoop v. the snoop we did a while back for another problem (happened to have some SSH traffic in it).
I even turned off iptables and relaxed all SSH security on the SSH server.
Any thoughts would be greatly appreciated.
