l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
January 6: Social gathering
Next Installfest:
TBD
Latest News:
Nov. 18: Club officer elections
Page last updated:
2001 Dec 30 17:04

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] Trying to understand my own WAN
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] Trying to understand my own WAN


  • Subject: Re: [vox-tech] Trying to understand my own WAN
  • From: Ted Deppner <ted@MAPSpsyber.com>
  • Date: Sun, 06 May 2001 16:03:51 -0700
  • References: 001301c0d66d$f7728230$0201a8c0@roscoe

On Sun, May 06, 2001 at 03:48:52PM -0500, Jay Strauss wrote:
> Trying to do Xterm from the internal LAN:
>     I figure I have to run an SSH (openSSH) server somewhere inside my DMZ.
>     My LRP box will let me SSH to the DMZ - i.e. it will let all outbound
> packets thru
>     I don't get how I allow X to send its display from the DMZ to the
> Internal LAN
>         thru the LRP?  I don't think I portforward, I think I have to open a
> hole in the LRP
>         for SSH connections - Is this right?

use "ssh -X" and make sure you've got X forwarding turned on in your
sshd.conf (assuming openssh -- ssh2 may be different).  ssh -X into your
inside box on the other side, it'll tunnel all the way back.

> Now for the hard part, I want to manage my oracle server from home
>     I SSH to my ssh server in the DMZ
>     Then I have to SSH from the SSH server to the oracle server?
>     Then I start my start xterm and tell it to send the display home?
>     Once the packet get home, How do my commands make it back to the oracle
> server?  The Linksys will portforward SSH to
>         the SSH server not the oracle Server.
>     How are my packets even going to make it home - won't my firewall and
> LRP box at home going to block them?

You can use ssh for this, and it's quite easy provided you map all the
ports you need, if you have to map twice it starts to get messy though.

alternatively, look at vtun.  http://vtun.sourceforge.net/

You can add a little private virtual network with ease using vtun.  you
may want to vtun to your inside box when the ip comes from your outside
firewall... this'll make your life easier.


I've found ssh to be nice and useful for "point to point" type
applications, xterms, etc... but vtun is very nice to connect private lan
to private lan in a nice transparent way.

vtun is a package under debian, which makes it very easy to use.

-- 
Ted Deppner
http://www.psyber.com/~ted/


LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
Sunset Systems
Who graciously hosts our website & mailing lists!