[TriLUG] ssh 'through' a firewall
Douglas Kojetin
djkojeti at unity.ncsu.edu
Sat Apr 24 12:22:53 EDT 2004
hi all-
thanks for all the comments. let me explain my setup better (i gave a
poor description of it before):
we use a sonicwall firewall, and behind it are several computers. i
have two IP addresses: one for the firewall unit, and one that i use
for port forwarding through the firewall to a computer (IPs made up).
the firewall is in 'stealth' mode.
internet
--- firewall ('external' ip address: 10.0.0.0 with a web-visable
hostname; internal ip address: 3.0.0.0)
-- box 1 ('external' port forwarded ip address 10.0.0.1 with
a web-visable host name, which points to the internal ip 3.0.0.1)
-- box 2 through 5 (internal ip 3.0.0.2 through 3.0.0.5)
what i usually do is:
# ssh to the port forwarded, web accessible box
ssh -X user at 10.0.0.1
# ssh from that machine to other machines behind the sonicwall firewall
that do not have port forwarding hostnames/ip addresses)
ssh -X user at 3.0.0.2
maybe my setup is inefficient? should i setup in my firewall the
second IP address (10.0.0.1) to port forward SSH at higher ports to the
other boxes? can i do that (say, 2222 for box2, 2223 for box3, 2224
for box4, and so on)?
thanks,
doug
More information about the TriLUG
mailing list