Aman, Try opening up port 53 UDP so DNS requests can go through. SSH will hang on authentication for a long time if nameservices are blocked.
--Liam At 10:37 AM 11/27/2001 -0600, aman raheja wrote: >If I drop the firewall, the connection is instant, no time lag. >Suggestions? >Aman > >>From: "TD - Sales International Holland B.V." <[EMAIL PROTECTED]> >>To: "aman raheja" <[EMAIL PROTECTED]> >>Subject: Re: ipchains >>Date: Tue, 27 Nov 2001 10:48:45 +0100 >> >>On Saturday 24 November 2001 19:35, you wrote: >> >>Might be the DNS look-up. Although I've seen establishing ssh connections >>that took a while with hosts that are know to the dns servers. What >>happens if you drop the firewall and then connect to it? >> >>regards >> >> > hi all >> > i have configured ipchains on my linux 7.1 box. >> > the 3 rules (in order) do the following >> > 1> accept src 0.0.0.0/0 port * dst hostA port 22 >> > 2> accept src hostA port 22 dst 0.0.0.0/0 port * >> > 3> deny src 0.0.0.0/0 port * dst 0.0.0.0/0 port * >> > I intend to allow ssh on hostA, and deny everything else. >> > It works but it takes too long for the connection to establish even when = >> > I >> > am doing ssh from hostA to hostA itself. I wonder why? >> > Suggestions? >> > Aman > >_________________________________________________________________ >Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Liam Reimers, Senior Systems Programmer ULTIMATE Internet Access, Inc. (909) 482-1634 (800) 982-6898 http://www.uia.net
