I have a server running ArchLinux at home called SERVER. Currently, I can gain access to this machine via SSH by issuing ssh user@SERVER from another computer that is connected on the same LAN. It also works if I replace SERVER with SERVER_LAN_IP (192.168.X.X).
I wanted this server to be publicly accessible from the internet, so I set up my router to forward the appropriate ports (external 1234 to internal 22). Now from a computer on the same LAN, issuing ssh -p 1234 user@ROUTER_WAN_IP seems to do the trick. However, as soon I leave the LAN, I can't even so much as ping the ROUTER_WAN_IP.
If it helps, I am using a cable internet connection. The router detects the modem through vlan and gets its external IP via DHCP.
Best Answer
Sometimes, it's easiest to start with the bare minimal configuration, and work your way out from there.
make sure you are using Port Forwarding, and not "port triggering"
disable "no ping from WAN" functionality, (this prevents PING to the router)
use a traceroute/tracert to see if a packet can successfully make it to your router
place your server inside the DMZ, and try this first
next, try without redirecting the port (just use 22)
if the above works, forward from 1234 to 22
disable unessecary firewall security features, enabling them one by one after you have success. (remember to revert to your original security settings if you have no luck)
check your routers firewall log, and your servers logs, for reports of potential issues