Re: can a SSH server initiate a connection?
On Monday 02 August 2004 13:05, rich wrote:
> > Do you control firewall?
> > If yes : use DNAT to redirect external connection to SSH server
> > (if firewall is NAT box)
> > or open port 22 and forward connectio to internal hosts
>
> There's a firewall I control (which allows port 22 so long as the SYN
> packet comes from inside), but that's behind a NAT router, so the only way
> to "find" my server on the internet is if IT initiates the connection.
Thats not true. I have an sshd server sitting on a box behind a NAT firewall
(netgear router). I have opened port 22 and told the NAT router to route
incoming connections on that port to my sshd server. From outside I then ssh
to the IP address of the NAT router - it automatically forwards it to the
internal IP addess of the sshd server.
Once I am there, with controls I can then forward ssh onto other machines on
my internal network
--
Alan Chandler
alan@chandlerfamily.org.uk
First they ignore you, then they laugh at you,
then they fight you, then you win. --Gandhi
Reply to: