l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
September 2: Social gathering
Next Installfest:
TBD
Latest News:
Aug. 18: Discounts to "Velocity" in NY; come to tonight's "Photography" talk
Page last updated:
2001 Dec 30 17:04

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] Trying to understand my own WAN
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] Trying to understand my own WAN




> On Sun, May 06, 2001 at 03:48:52PM -0500, Jay Strauss wrote:
> > Trying to do Xterm from the internal LAN:
> >     I figure I have to run an SSH (openSSH) server somewhere inside my
DMZ.
> >     My LRP box will let me SSH to the DMZ - i.e. it will let all
outbound
> > packets thru
> >     I don't get how I allow X to send its display from the DMZ to the
> > Internal LAN
> >         thru the LRP?  I don't think I portforward, I think I have to
open a
> > hole in the LRP
> >         for SSH connections - Is this right?
>
> use "ssh -X" and make sure you've got X forwarding turned on in your
> sshd.conf (assuming openssh -- ssh2 may be different).  ssh -X into your
> inside box on the other side, it'll tunnel all the way back.
>

I take it you mean ssh -X from pc, and X forwarding needs to be turned on at
my firewall?

> > Now for the hard part, I want to manage my oracle server from home
> >     I SSH to my ssh server in the DMZ
> >     Then I have to SSH from the SSH server to the oracle server?
> >     Then I start my start xterm and tell it to send the display home?
> >     Once the packet get home, How do my commands make it back to the
oracle
> > server?  The Linksys will portforward SSH to
> >         the SSH server not the oracle Server.
> >     How are my packets even going to make it home - won't my firewall
and
> > LRP box at home going to block them?
>
> You can use ssh for this, and it's quite easy provided you map all the
> ports you need, if you have to map twice it starts to get messy though.
>
> alternatively, look at vtun.  http://vtun.sourceforge.net/
>
> You can add a little private virtual network with ease using vtun.  you
> may want to vtun to your inside box when the ip comes from your outside
> firewall... this'll make your life easier.
>
>
> I've found ssh to be nice and useful for "point to point" type
> applications, xterms, etc... but vtun is very nice to connect private lan
> to private lan in a nice transparent way.
>
> vtun is a package under debian, which makes it very easy to use.

I don't use debian, will it be hard under RH?  My client machines are M$,
Will I be able to use PUTTY?
I'm going to vtun's site right now.

>
> --
> Ted Deppner
> http://www.psyber.com/~ted/



_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com


LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
O'Reilly and Associates
For numerous book donations.