Expose a specific port to a device on your network.
Expose a specific port to a device on your network.
Have you verified you're not using a Double-NAT? Which connection type connects you to your ISP (Coax, Fibre, DSL, LTE, etc.)? You might assist in hiding the presence of an SSH server by keeping port 22 off the WAN and redirecting it to a port above 30,000, preferably one not in use by other services. Most port scan tools rarely check that high, and on your local network you can allow port 22 to be used for requests from the device.
It might be a double-nat setup based on what I found online. I’d really like to know more about the connection type, but the ISP installed a cable through my wall to my router. I have no idea anything else. They said it would be fiber when they were setting it up.
They mention fibre but it appears to be an ethernet cable into your home, possibly a media converter. Sometimes ISP providers place you behind a router you can't access. If this happens, you're likely in double NAT—your best move is to contact them and see if they can resolve the issue. We're still unsure about this yet. The person you spoke to said it should work, which is encouraging. Have you tried connecting to your server or are you only using the port tester? Are you linking through a public IP or a domain?
Determine if you have double NAT or are behind carrier-grade NAT. Run a traceroute to 8.8.8.8; two internal IPs at the start indicate double NAT. If your router's WAN IP differs from the one provided by ipchicken.com or another service, you're behind carrier-grade NAT. To fix this, either bridge the gaps or set the second IP as a default access point. If you can't open ports or prefer not to manage it, consider using ZeroTier—a virtual network solution.