Re: [SLE] Using SSH remotely to access a LAN?

From: Jeff Bankston (suse_at_mail.bciassociates.com)
Date: 01/13/04

  • Next message: Sid Boyce: "Re: [SLE] What are kernel library options?" 
    To: suse-linux-e@suse.com
Date: Mon, 12 Jan 2004 18:22:08 -0500

    Bruce Marshall wrote:

    > On Mon January 12 2004 04:24 pm, Jeff Bankston wrote:
    >> Has anyone ever set up SuSE (I'm using v9) as a server inside of a
    >> private LAN, and accessed it while on the public internet? I need to do
    >> something like have the SuSE server act as an SSH tunnel termination
    >> point, and provide access to the internal LAN whilst I'm connected on
    the
    >> public Internet.
    >>
    >> If you were to go to www.vandyke.com and look at their VShell SSH
    server,
    >> this is what I'd like to do without the cost of such server software.
    >>
    >> Thanks for any suggestions,
    >>
    >> -Jeff
    >
    > I have done this... by doing this:
    >
    > 1) The network setup was: internet --> DSL modem --> Router --> all
    > boxes on internal LAN
    >
    > 2) I put sshd on all boxes and used a high port > 10000 for all ssh (a
    > little harder for someone to find)
    >
    > 3) In the Router, I did a port forward of that high port to one of the
    > boxen.
    >
    > 4) Once you get into that port-forward box, you can ssh to the other
    > boxes.
    >
    > The key is to get your ssh 'call' forwarded to one of the internal LAN
    > boxes. Either your firewall or a Router could do that for you.
    >
    >
    >

    Close, so let me clarify a bit.....

    I SSH to the Linux box which terminates the SSH tunnel, and that Linux box
    now acts like a local router on the network and gives me clear IP access to
    the other servers on the lan. No sshd on anything, just clear IP access.
    Mainly because most of the other servers are all Windows NT4 boxes not yet
    converted to Linux as a server. Two of the servers quite unfortunately must
    remain as NT4, hence the clear IP access once inside of the LAN.

    Thanks, Jeff 

    -- 
Check the headers for your unsubscription address
For additional commands send e-mail to suse-linux-e-help@suse.com
Also check the archives at http://lists.suse.com
Please read the FAQs: suse-linux-e-faq@suse.com
  • Next message: Sid Boyce: "Re: [SLE] What are kernel library options?"

    Relevant Pages

    • RE: Firewall Rule Set not allowing access to DNS servers?
      ... > My LAN is configured with static IP addresses, ... > I have full connectivity with the internet from every machine on my ... > # Allow out access to my ISP's Domain name server. ... > # Interrogate packets originating from the public internet ...
      (freebsd-questions)
    • Re: MSSQL Server Gateway
      ... I personaly don't think it's possible to do this with ISA and/or Proxy ... Server but I was told otherwise and just try to figure out if I'm wrong ... - Client in private LAN wants data from SQL Server DB in secure private ... to the other LAN Segment but have a "nat relationship" to the Internet ...
      (microsoft.public.isa)
    • ISA configuration
      ... configured with a Proxy configuration pointing to your ... Server on port 8080. ... all destinations for the Backoffice Internet Users group. ... pointing to the primary LAN address by opening your FW ...
      (microsoft.public.windows.server.sbs)
    • Re: Fedora Box with TWO NICs (NEED HELP!) (fwd)
      ... > You have a cable modem on the LAN for office internet access. ... > You have a DSL connected to the server to provide a public web service. ...
      (Fedora)
    • Problem dial-in server with internet connection
      ... DHCP server for my LAN. ... Internet users. ... connection between our office and a home user. ...
      (comp.os.linux.networking)