I have an issue that I hope you’ll be able to help me with. I had a setup that worked wonderfully until I upgraded Tomato from 1.23 to 1.28 (router wrt54gl). I used to ssh into my router and then use remotelyanywhere (RA) to access my computer.
With Tomato 1.23 the connections from the tunnel originated from the router’s internal IP (192.168.1.1), so I just blocked all connections with Comodo firewall coming NOT from this IP to the RA listening port.
However, with Tomato 1.28 the tunnel connections originate from my WAN IP (which changes frequently), and I don’t know how to differentiate between the SSH and normal connections in Comodo. I hope someone will be able to help me with this. Many thanks!!!
Typically, SSH uses UDP on Port 22. I’m not sure if this is the same for Tomato. However, you should be aware that it is not uncommon for this port to be probed looking for SSH vulnerabilities. But, I assume Tomato (being new?) would be hardened.
Another restriction that you could impose is by creating a Network Zone that encompasses the IP ranges used by your ISP and limiting that connection further to this Zone only.
Not to my knowledge I’m afraid (although someone else might know). The problem is that an RA connection is, in reality, just a normal connection. Although I haven’t used RA in many years, I don’t think it uses any special type of protocol as such.
Hmmm, something just came to my mind. What if I set up openssh on my workstation and tunnel into that one instead of the router? That way I could block all connections not originating from localhost/workstation IP…