I'm trying to set up a simple SSH server, but the port is still filtered even after port forwarding. (I've set up SSH to use port 1338 instead of default 22.)
We can see that the port is filtered by running a Nmap scan on the local IP (where the port is open) and then on the external IP.
Running nmap on local IP:
$ nmap -p 1338 -Pn 192.168.1.144
Starting Nmap 7.70 ( https://nmap.org ) at 2019-12-17 16:34 CET
Nmap scan report for 192.168.1.144
Host is up (0.0030s latency).
PORT STATE SERVICE
1338/tcp open wmc-log-svc
Nmap done: 1 IP address (1 host up) scanned in 0.08 seconds
Running nmap on external IP:
$ nmap -p 1338 -Pn <server's external IP>
Starting Nmap 7.70 ( https://nmap.org ) at 2019-12-17 16:34 CET
Nmap scan report for <external-IP>.<ISP-info> (<external IP>)
Host is up.
PORT STATE SERVICE
1338/tcp filtered wmc-log-svc
Nmap done: 1 IP address (1 host up) scanned in 2.07 seconds
Port forward settings (this is an ASUS RT-N12D1 Router if that's relevant):
What could cause this? It looks like there's a firewall stopping communication but I don't have any firewall configured. I recently moved and took over the previous tenant's internet service, maybe there's a firewall between my router and the internet?
Edit
This user is talking about Linux filtering incoming connections. My server is running a fresh install of Ubuntu 16.04 and as far as I know Ubuntu does not ship with a pre-configured firewall.
Edit
I logged traffic using tcpdump
and I can confirm that the traffic is not blocked by the server itself (i.e. traffic is being filtered by either the router or something earlier in the chain).
Best Answer
It turns out my ISP was using Carrier-grade NAT, which essentially means I have a private IP address. The solution was to call them and ask for a public IP address.