Setting up the Ethernet switch didn't fix the port forwarding issue.
Setting up the Ethernet switch didn't fix the port forwarding issue.
I've set up a home computer with Ubuntu running on a server, connected via SSH on port 22. A router with a TCP port forwarding rule has been in place for secure access, which is functioning well. Recently, I upgraded to a Gigabit Ethernet switch to boost local network speed, but now accessing the server has become impossible after connecting it through the switch. Turning the cable off and back on restored access. This shouldn't be an issue since the switch uses simpler protocols than those used for port forwarding. Could there be another factor at play?
The basic, untouched layer 2 switch won’t interfere with your port forwarding rules. Do you know which specific physical network port on your modem or router is designated for the DMZ? Also, confirm that everything functions correctly within your local network while the switch is active.
I don't have any DMZ configuration, just a standard port forwarding rule. The internet has been inconsistent with the new switch—WiFi connections are frequently dropping, and I'm not sure why. I did test a 1 gigabit connection between my laptop and server. Maybe I should consider using a different switch?
The issue isn't related to switches since port forwarding works at layer 3 or 4. Your router settings likely need correction first. Confirm you have a switch and not another router—please share its brand and model. Also, enabling SSH access from the internet is risky; consider an alternative approach.
The TP-Link LS1005G I bought has SSH enabled, but restricting it to private keys and limiting sessions helps security. SSH works well for tunneling to other services like your Pytron notebook. Consider using a dedicated secure tunnel instead of SSH directly for better protection.
I believe I’ve fixed the issue. When connecting remotely from devices linked to the switch, I can access the LAN IP to reach the device but not the public IP. Before that, I needed the public IP to connect. Now I’m using the hotspot and can still reach my server via the public IP address.
That improves security more than expected. Still, sharing login details with your server makes it visible to everyone. Even with key-based authentication, your host remains easily identifiable, and minor mistakes can expose your system to attacks where the whole machine is at risk. No matter how secure your setup seems, vulnerabilities can emerge unexpectedly. It’s unclear which SSH service you’re using—just remember that issues like libssh in 2018 allowed bypassing authentication stages, which are not as common but still possible. Good to know it was fixed.