[Gllug] how do I ssh between different machines both behind 2 separate NA Ted firewalls
Richard Cottrill
richard_c at tpg.com.au
Mon Mar 24 15:16:37 UTC 2003
James Bailey wrote:
> Hi,
>
> I have been asked to make ssh connections between various machines which
> will be behind different NATed firewalls. AFAIK this can not be done
> without redesigning the firewall some thing I am told can not be done.
> Anyone out there come across this kind of problem before and found a
> suitable solution. Links to suitable RTFMs appreciated if I have missed
> something obvious.
>
> Peace Jim
>
I believe you're right; it's impossible without setting up port
forwarding /address translation on one of the firewalls. What is the
target for the outgoing connection? I believe there isn't a valid
address/port combination possible.
You could use some kind of proxy machine between the firewalls, that
each of your endpoints could log in to. This proxy would be an obvious
target for compromise of course, and would defeat the purpose of using
firewalls in the first place.
I think you got it right the first time.
Richard
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
More information about the GLLUG
mailing list