Re: expose internal network to the outside world
oops, sentthis to wim first by mistake -- sorry, still missing some mutt
features in thunderbird...
m
wim wrote:
>Hi Matt,
>
>It seems that option 2 may work for you. Installing a Debain box with
>iptables seems a little bit of overkill to me ;-)
>But that's my thought...
>
>you should NAT mydomain.dyndns.org port 2000 to 192.168.2.199 port 22
>and mydomain.dyndns.org port 3000 to 192.168.2.254 port 22
>
>Maybe you can add an ipaddress int the table with the trigger ports?
>your public ports should be 2000and 3000 your trigger ports should be 22
>for both private ipaddresses I think...
>
>
>
Thanks wim! and everyone else. I must have missed something in the
admin screens, 'cause when I logged in this morning there was "virtual
server" right in my face. I set up the ports just as wim describes, and
it works great! Only problem now is that when I use ssh from outside
the network, first ssh one machine, then the other, I get an error
message to the effect that :
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
Add correct host key in /home/matt/.ssh/known_hosts to get rid of this
message.
Offending key in /home/matt/.ssh/known_hosts:8
RSA host key for x.dyndns.org has changed and you have requested strict
checking.
Host key verification failed.
This is a minor annoyance but for now I can live with it!
thanks again,
matt
>Good luck.
>
>On Wed, Sep 14, 2005 at 10:16:49PM -0400, Matt Price wrote:
>
>
>>hi folks,
>>
>>I have 2 computers on a home network, connected to DSL through a modem
>>and a cheap SMC router (Barricade g = SMC2804WBRP-g). I would like to
>>be able to ssh into both of them form the outside world. I have
>>successfully set up "inadyn" to associate a stable URL (x.dyndns.org)
>>with my dynamic IP, which is great. Now the problem is to tunnel remote
>>ssh requests to the two local machines. I don't really understand this
>>very well (though I tried something similar about 2 years ago -- got
>>stumped then).
>>
>>As I understand it, what I need to do is set up some kind of a table
>>where external requests on particular ports are forwarded by the router
>>on to corresponding (perhaps not identical) ports on one or the other
>>local machine. SO I imagine something like this:
>>
>>from work, I type:
>>
>>ssh -p 2000 -l me mydomain.dyndns.org
>>which gets to the router; the router sees that it's supposed to forward
>>requests on port 2000 to 192.168.2.199; 192.168.2.199 picks up the
>>request and an ssh tunnel is formed
>>
>>on the other hand, if I type
>>ssh -p 3000 -l metoo mydomain.dyndns.org
>>the router sends the request to 192.168.2.254 instead.
>>
>>THanks much,
>>
>>matt
>>
>>
>>
>>--
>>To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
>>with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>>
>>
>>
>>
>
>
>
Reply to: