channel 3: open failed: administratively prohibited:

[voipair]

So trying to get crashplan working on ac68u, asuswrt-merlin 378.55 debian chroot
Crashplan gui runs on one pc and talks to engine running in chroot on router
on desktop enter

ssh -L 4200:127.0.0.1:4243 admin@192.168.12.1
telnet localhost 4200

in the routers shell the following text appears (title of post) and i don't know what it means. This occurss every time i run the telnet command.
channel 3: open failed: administratively prohibited:

Searching it looks like an ssh restriction, but didn't find where to edit those files on the router. Does anyone have any idea where i could look next, logs etc
thanks

 

[voipair]

really i just need a way to allow the router to forward ports to crashplan,
telneting without the ssh to routers ip address results in refused, but when i telnet to port 4242 the crashplan incoming connection for backups i succusfully connect. So somehow crashplan PNP has opened up the ports on the router but I cant figure out how to do it, i thought i did as i have this is working for Bubble at http://192.168.12.1:58050/#main

my iptables --list is
admin@RT-AC68U:/tmp/home/root# iptables --list
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:4243
ACCEPT tcp -- anywhere anywhere tcp dpt:4200
ACCEPT tcp -- anywhere anywhere tcp dpt:58051
ACCEPT tcp -- anywhere anywhere tcp dpt:58050
logdrop icmp -- anywhere anywhere icmp echo-request
logdrop all -- anywhere anywhere state INVALID
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere state NEW
ACCEPT all -- anywhere anywhere state NEW
ACCEPT udp -- anywhere anywhere udp spt:bootps dpt:bootpc
ACCEPT tcp -- anywhere anywhere tcp dpt:ftp
ACCEPT tcp -- anywhere anywhere tcp dpt:8082
ACCEPT tcp -- anywhere anywhere tcp dpt:https
ACCEPT icmp -- anywhere anywhere icmp !echo-request
ACCEPT tcp -- anywhere anywhere tcp dpt:1723
ACCEPT gre -- anywhere anywhere
logdrop all -- anywhere anywhere

Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
logdrop all -- anywhere anywhere
logdrop all -- anywhere anywhere state INVALID
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere ctstate DNAT
ACCEPT all -- anywhere anywhere

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain FUPNP (0 references)
target prot opt source destination

Chain PControls (0 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere

Chain logaccept (0 references)
target prot opt source destination
LOG all -- anywhere anywhere state NEW LOG level warning tcp-sequence tcp-options ip-options prefix "ACCEPT "
ACCEPT all -- anywhere anywhere

Chain logdrop (5 references)
target prot opt source destination
LOG all -- anywhere anywhere state NEW LOG level warning tcp-sequence tcp-options ip-options prefix "DROP "
DROP all -- anywhere anywhere

 

[voipair]

I dont think i need this solved any more the crashplan engine wasn't listening on all interfaces so i changed that and now hopefully don't need to ssh.

 

[voipair]

Just stumbled across where to enable this in the asuswrt-merlin interface
Administration - System - SSH Daemon - Allow SSH Port Forwarding