Re: [ts-7000] Re: SSH Tunneling

To:
Subject:	Re: [ts-7000] Re: SSH Tunneling
From:	Jeff Cunningham <>
Date:	Wed, 13 Jun 2007 05:11:45 -0700

Yan Seiner wrote:
>
> --- In  .com <ts-7000%40yahoogroups.com>, 
> "Jamey" < .> wrote:
> >
> > Hi,
> >
> > Can anyone recommend a decent way to get information to/from a TS-XXXX
> > placed behind a firewall?
> >
> > I have the need to maintain a series of these critters long distance
> > and seperated by a firewall. Our IT gestapo here has stonewalled my
> > efforts for remote access and I need a way to get around them. I will
> > make it legit later.
> >
> > I was doing a little reading on (open)SSH and tunneling/ port
> > forwarding and it looks promising. There was even a cookbook recipe in
> > the faq on how to do it. What I am looking for is actual users who
> > have field deployed systems like this and any successes or problems
> > they have encountered.
>
> If you can start ssh on the remote end, set up your ssh so you don't
> need passwords. Then just have the remote end call you. You can then
> tunnel back into the box. I forget the exact incantations, but it has
> to do with forwarding local port 22 to remote port XX22, then ssh to
> localhost:xx22.
>
SSH may work, but it requires that your corporate firewall not be 
blocking port 22 and also that it route all port 22 requests to your 
inside device. Remember - your corporate LAN looks like a single IP 
address to the outside world. Fat chance if its a Microsoft firewall: 
they train IT people that SSH is "risky" and shut it and other useful 
ports down (like they know anything about security).

But all may not be lost. Typically, big companies have people with 
laptops who work across the firewall using VPN (e.g. executives need to 
read their email from their off site retreats). Which means that they 
have something set up to route outside messages to inside LAN addresses. 
You need to find out what they are using, then set up a similar VPN 
daemon listening on your device which will respond to messages routed to 
it by you. Another possibility is VNC, although its a bigger hammer than 
you probably want. Look into 'tightvnc'.

"This is Unix - there's always a way".

--Jeff


 
Yahoo! Groups Links

<*> To visit your group on the web, go to:
    http://groups.yahoo.com/group/ts-7000/

<*> Your email settings:
    Individual Email | Traditional

<*> To change settings online go to:
    http://groups.yahoo.com/group/ts-7000/join
    (Yahoo! ID required)

<*> To change settings via email:
     
    

<*> To unsubscribe from this group, send an email to:
    

<*> Your use of Yahoo! Groups is subject to:
    http://docs.yahoo.com/info/terms/

<Prev in Thread]	Current Thread	[Next in Thread>
[ts-7000] SSH Tunneling, Jamey [ts-7000] Re: SSH Tunneling, Yan Seiner Re: [ts-7000] Re: SSH Tunneling, Markus Peuhkuri Re: [ts-7000] Re: SSH Tunneling, Jeff Cunningham <=

Previous by Date:	Re: [ts-7000] Re: SSH Tunneling, Markus Peuhkuri
Next by Date:	[ts-7000] Re: rebuilding the SD image, walter woodrow
Previous by Thread:	Re: [ts-7000] Re: SSH Tunneling, Markus Peuhkuri
Next by Thread:	[ts-7000] Bizarely slow read times from SD cards on TS7300, Yan Seiner
Indexes:	[Date] [Thread] [Top] [All Lists]

Disclaimer: Neither Andrew Taylor nor the University of NSW School of Computer and Engineering take any responsibility for the contents of this archive. It is purely a compilation of material sent by many people to the birding-aus mailing list. It has not been checked for accuracy nor its content verified in any way. If you wish to get material removed from the archive or have other queries about the archive e-mail Andrew Taylor at this address: andrewt@cse.unsw.EDU.AU