Date:      Mon, 9 Dec 2002 16:17:33 -0800 (PST)
From:      Brian <bri@sonicboom.org>
To:        Joshua Lokken <inspector.us@omicnet.com>
Cc:        freebsd-questions@FreeBSD.ORG
Subject:   Re: SSH through firewall
Message-ID:  <20021209161652.S69024-100000@entwistle.sonicboom.org>
In-Reply-To: <OAEGJMOGEKPEGCNHFDFFAEBLCCAA.inspector.us@omicnet.com>
References:  <OAEGJMOGEKPEGCNHFDFFAEBLCCAA.inspector.us@omicnet.com>

Could use port forwarding to a high-numbered port: forward a high port on the
gateway to a port on the dest box.

	Bri


On Mon, 9 Dec 2002, Joshua Lokken wrote:

> Hello all
>
> I asked this question a couple of weeks back, but have not yet been able to
> make this work.
>
> I often transfer files to my home machines from work using scp.  Currently,
> if I want to move a file to a machine on my LAN, I first have to copy the
> file to a user home dir on the gateway box, then recopy it from the gateway
> to the internal box.  How do I avoid this extra step?  eg,
>
> 130.94.160.46  ------------------>  12.225.249.250  -------------------->  10.0.0.2
> (remote machine)                       (gateway)       |                   (LAN)
>                                                        ----------------->  10.0.0.10
>                                                        |
>                                                        ----------------->  10.0.0.15
>
> I have tried this:
>
> in /etc/rc.conf:
>
> natd_enable="YES"
> natd_interface="ed0" # outside interface
> natd_flags="-f /etc/natd.conf"
>
> and in /etc/natd.conf:
>
> dynamic yes
> redirect_port tcp 10.0.0.2:22 22002
> redirect_port tcp 10.0.0.10:22 22010
> redirect_port tcp 10.0.0.15:22 22015
>
>
> Near the top of /etc/firewall.conf I have:
>
> $fwcmd $flags add divert natd all from any to any via $oif
>
> Connecting to the gateway on port 22 works fine, but all other connections
> (22002, 22010, 22015) time out.
> I have the proper keys in the proper places and the hosts files are OK.  I
> appreciate any help.  Please cc me, as this address is not subscribed to the
> list.  Thanks!
>
> --
> Best Regards,
>
> Joshua Lokken
> OMIC Portland Branch
> inspector.us@omicnet.com
> 503 807 6538
> ------------------------->
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
>
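
An added example, not part of the original thread: a small sh/awk script that reads the `redirect_port` lines quoted above and prints, for each one, an ipfw pass rule for the translated destination (the internal address and port a packet carries after natd rewrites it). It assumes a default-deny ipfw ruleset, that the rules are placed after the divert rule, and that `$fwcmd`, `$flags` and `$oif` are the variables used in the poster's /etc/firewall.conf; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: audit natd redirect_port entries and emit matching ipfw rules.

# Constructed sample input: the natd.conf lines quoted in the message.
sample_natd_conf() {
cat <<'EOF'
dynamic yes
redirect_port tcp 10.0.0.2:22 22002
redirect_port tcp 10.0.0.10:22 22010
redirect_port tcp 10.0.0.15:22 22015
EOF
}

# parse_redirects: read natd.conf on stdin and print one line per redirect:
#   proto public_port target_ip target_port
# The public side may be written as "port" or "aliasIP:port"; only the port
# is kept. Comment lines and other directives are skipped.
parse_redirects() {
    awk '
        $1 == "redirect_port" && NF >= 4 {
            if (split($3, target, ":") != 2) next   # need targetIP:targetPORT
            n = split($4, alias, ":")
            print $2, alias[n], target[1], target[2]
        }'
}

# pass_rules: turn parsed redirects into firewall.conf lines that admit only
# the translated traffic (internal IP and port) arriving on the outside
# interface. The variables are printed literally for pasting into the script.
pass_rules() {
    while read -r proto _pub ip port; do
        printf '$fwcmd $flags add pass %s from any to %s %s in via $oif\n' \
            "$proto" "$ip" "$port"
    done
}

# Show the mapping, then the rules, for the sample configuration.
sample_natd_conf | parse_redirects
sample_natd_conf | parse_redirects | pass_rules
```

Each emitted rule matches the internal host and port 22 rather than the public port, because that is the destination the packet has once it continues through the ruleset after the divert rule.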
