Date:      Thu, 30 Sep 2004 14:38:35 -0700 (PDT)
From:      "Richard Lynch" <ceo@l-i-e.com>
To:        "Mark Jayson Alvarez" <jay2xra@yahoo.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: Is there a reverse Network Address Translation???
Message-ID:  <2065.67.167.52.21.1096580315.squirrel@www.l-i-e.com>
In-Reply-To: <20040930095458.54176.qmail@web51609.mail.yahoo.com>
References:  <20040930095458.54176.qmail@web51609.mail.yahoo.com>

Mark Jayson Alvarez wrote:
> Hi,
>   I want to access my pc at work from home through
> freebsd's sshd. Is it possible, knowing that it
> doesn't have a public ip address? That workstation of
> mine is only gaining internet access through LAN
> servers and routers. Will it help if I know the
> gateway ip where my workstation passes through and the
> proxy as well as dns server's ip's? I know it's
> possible but I can't imagine the process, perhaps
> something like a reverse network address
> translation... Any idea?

I think you would need to have the public IP LAN server/router ready,
willing, and able to port-forward SSH packets to your personal
workstation.

Your work IT Administrator may, or may not, be willing to set this up for
you.

If *YOU* control the public-IP LAN gear at work, you need to set them up
to "port-forward" anything on some port that the public-IP LAN gear isn't
using to your desktop workstation.

You'd think that SSH needs port 22, but if that's already in use, you can:

1. Configure the public-IP to accept/forward port 222 (or whatever) to your
   desktop workstation.

2. Configure sshd on the desktop workstation to accept traffic on 222 and use
   sshd to handle that traffic.

3. Use ssh -p 222 USER@PUBLIC_IP
   at home to log in to the desktop at work.

The PUBLIC IP box gets the connection on 222, forwards it to your desktop,
and you're in like Flynn.

If the "PUBLIC" IP is dynamic (IE, cable modem, DSL, etc) you can also set
up software to create a valid domain name for it using something like:
http://dyndns.org or one of a few dozen other similar services.

In that case, you'd install a small client on the PUBLIC IP box which will
notify the DynDNS folks whenever your IP changes, then they update the DNS
routing tables for you, and Whammo! you don't really care that your IP is
dynamic because they tied a domain name to it for you.

If you can't alter the PUBLIC IP LAN gear at work, then I don't think you
can manage to ssh in to your desktop box.

-- 
Like Music?
http://l-i-e.com/artists.htm
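
The three steps in the message above, written out as configuration. This is an added example, not part of the original e-mail: it assumes the gateway runs pf, and the interface name, both addresses and the "work" host alias are constructed placeholders.

```conf
# --- Gateway holding the public IP: /etc/pf.conf (assumes pf is the NAT) ---
# Assumed name of the Internet-facing interface.
ext_if      = "em0"
# Constructed private address of the desktop workstation.
workstation = "192.168.1.10"

# Step 1: hand TCP port 222 arriving on the public side to the desktop.
# Translation rules like this one go before the filter rules in pf.conf.
rdr pass on $ext_if proto tcp from any to ($ext_if) port 222 -> $workstation port 222

# --- Desktop workstation: /etc/ssh/sshd_config ---
# Step 2: listen on 222, the port the gateway forwards.
Port 222
# The port is reachable from the Internet once the forward is in place,
# so turn off password-based logins (keys only), refuse root, and name
# the account that may log in. USER is the placeholder from the message.
PasswordAuthentication no
KbdInteractiveAuthentication no
PermitRootLogin no
AllowUsers USER

# --- Home machine: ~/.ssh/config ---
# Step 3: "ssh work" then does the same as "ssh -p 222 USER@PUBLIC_IP".
# 203.0.113.5 is a constructed stand-in for PUBLIC_IP (or a dynamic-DNS name).
Host work
    HostName 203.0.113.5
    Port 222
    User USER
```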


