So, I still have to set up a VPN? Now I think I need some VPN troubleshooting because I set Windows XP at home to accept connections, and Windows XP at school to connect, but the machine at school said it couldn't connect. I could access my ftp server from Internet Explorer, but I just couldn't get the VPN going, so I'm assuming that the VPN connection is the problem. It could also be a blocked port on the router, but that is unlikely. I don't have a firewall enabled on either computer. I am now going to try a Windows XP VPN howto (the one on the help index said it was an unknown code). Wish me luck!!
You will either need to set up a VPN or SSH but not both. What VPN are you using?
To determine whether a particular port is blocked/available try this. Think of it as ping on steroids. This is a Win32 application. nmap in the Linux world does much the same thing.
How do I connect using SSH if I can only talk to the router and it doesn't let me in?
By the way, (with VPN) will I be able to access computers on the same network as the CLIENT? I know the client can access the server's, but can the server access the client's LAN?
Last edited by hotrodowner; 11-17-2002 at 11:32 AM.
Originally posted by hotrodowner How do I connect using SSH if I can only talk to the router and it doesn't let me in?
By the way, (with VPN) will I be able to access computers on the same network as the CLIENT? I know the client can access the server's, but can the server access the client's LAN?
Sorry about the delay. Had to go onsite with a client for a few days.
As far as how do you connect with SSH. You can connect using SSH (or VPN for that matter) because you will be initiating the connection from the machine behind the router. Then when you get home you will use the already established connection to bypass the NAT.
In the case of a VPN the initiator of the tunnel effectively becomes part of the LAN segment at the destination. I.e., your Linux box as the initiator will become part of the LAN segment that the Windows box is on and will be able to access things on that segment, if you do not restrict access through the VPN. It would probably be wise to restrict access though.
I am unable to establish a VPN because the VPN port is blocked. I don't understand how to backtrack through an ssh tunnel; as far as I know, the connection is one-way. If someone ssh'ed my computer, I wouldn't even know it!! How can I backtrack to the host of the ssh connection when I am on the server?
Go to post 27 and read the page from the first link. That explains what I am suggesting except we will be reversing the port forwarding, i.e. from the remote to the local rather than from the local to the remote.
I don't mean to be a bother, but I don't think I understand what I'm reading. This article says that I can forward packets on the localhost to those on a remote host. I can't even see the computer around the router, how do I forward connections to a port if the computer can't even be seen. I can see mine from inside the network, but I can't see the school computer from outside the network. I need access to the computer's IP address, then I can handle it. Can I change the port VPN uses on the client and server?
Originally posted by hotrodowner I don't mean to be a bother, but I don't think I understand what I'm reading. This article says that I can forward packets on the localhost to those on a remote host. I can't even see the computer around the router, how do I forward connections to a port if the computer can't even be seen. I can see mine from inside the network, but I can't see the school computer from outside the network. I need access to the computer's IP address, then I can handle it. Can I change the port VPN uses on the client and server?
What I am suggesting is that you can forward the packets from the remote host to the local host. The reason you can do this is because the local host, not the remote, established the connection. And yes, depending on the VPN solution you are using you could change the port it uses.
So you're saying I can connect to the outside computer from inside the network (by logging on to it with ssh), and then physically go to the outside computer, start ssh, and log on to the computer protected by the router?
I think httptunnel might be a good idea, by what I think I understand about it. My situation now is that I need to get to an ftp server inside the school. I figured if I could figure out how to use this software, then I could set up a server on the outside, a client on the inside, and then connect to my home computer from the inside, go home, and then ftp my computer at school. Does anyone know how to use this software, or have another good idea for accomplishing this?
I think I would go with ssh if you need a shell login.
The only way I can see it working reliably is for the router to do port forwarding to your internal system.
If you can do that then the ssh connection to the internet address will be forwarded to your internal system.
The other way would not require the router to be configured for port forwarding. However the internal machine would need to make the connection and establish a remote forward of a local port. It would also need to check the connection and if the connection was lost it would need to reconnect.
This would in a sense make the internal machine the client and your home system the server.
If the connection is made and a local port on the client is forwarded to the server's local port then a connection to the client can be made locally on the server.
You can use the IP address of your machine at home (www.yourhomeserver.com) if you have no domain name
Now you will get the connection established
On the home machine...
Code:
ssh -p 513 127.0.0.1
The login prompt will be from the internal machine
Once the connection is established you will be logged into the machine inside the router. Any file transfers between the two machines can be established from the internal machine using ftp or whatever. The home server will be acting as an ftp server or sftp server, etc.
You can set up sshd to come up on port 22 and 513 in the /etc/ssh/ssh_config file
You will probably want to set this up to use certificates instead of passwords, so you can do the connection from a script on the internal machine.
You will need a script on the internal machine that runs the ssh command, checks for the connection, and continues to try the connection when it fails.
Having a domain name for the home machine would be best. That way if your IP address changes for some reason you can fix the domain name from anywhere and the connection will be resumed without having to access the internal machine to change the script.
Last edited by DavidPhillips; 03-24-2003 at 01:16 AM.
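The reconnecting script described in the post above, sketched as an added example that is not part of the original thread: it opens the remote forward with key-only authentication, binds it to loopback on the home server, and retries with a capped backoff. The `tunnel` account and the key path are hypothetical; the host name and port 513 are the ones used in the post.

```shell
#!/bin/sh
# Added example: keeps a reverse SSH forward from the internal machine to the home server.
# On the home server, the key can be limited to this one forward in authorized_keys:
#   restrict,port-forwarding,permitlisten="127.0.0.1:513" <public-key>
HOME_HOST="${HOME_HOST:-www.yourhomeserver.com}"  # placeholder name from the post
HOME_USER="${HOME_USER:-tunnel}"                  # hypothetical account
REMOTE_PORT="${REMOTE_PORT:-513}"                 # from the post; ports <1024 need a root login on the home server
KEY="${KEY:-$HOME/.ssh/tunnel_ed25519}"           # hypothetical key path

# run_tunnel CMD...: appends the tunnel arguments to CMD.
# "run_tunnel ssh" opens the tunnel; "run_tunnel echo" only prints the arguments.
run_tunnel() {
  "$@" -N -i "$KEY" \
    -o IdentitiesOnly=yes -o BatchMode=yes \
    -o ExitOnForwardFailure=yes \
    -o ServerAliveInterval=30 -o ServerAliveCountMax=3 \
    -R "127.0.0.1:${REMOTE_PORT}:127.0.0.1:22" \
    "${HOME_USER}@${HOME_HOST}"
}

# next_delay SECONDS: doubles the retry delay, capped at 300 seconds.
next_delay() {
  d=$(( $1 * 2 ))
  if [ "$d" -gt 300 ]; then d=300; fi
  echo "$d"
}

# keep_tunnel: runs ssh, and when it exits waits and reconnects.
keep_tunnel() {
  delay=5
  while :; do
    start=$(date +%s)
    run_tunnel ssh || true
    # A session that lasted over a minute was healthy, so reset the backoff.
    if [ $(( $(date +%s) - start )) -gt 60 ]; then delay=5; fi
    echo "tunnel down, retrying in ${delay}s" >&2
    sleep "$delay"
    delay=$(next_delay "$delay")
  done
}

# Start the loop only when called as: ./tunnel.sh run
if [ "${1:-}" = "run" ]; then keep_tunnel; fi
```

`BatchMode=yes` makes ssh fail instead of prompting for a password when the key is rejected, and `ExitOnForwardFailure=yes` makes it exit when the remote port cannot be bound, so both conditions reach the retry loop.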
I tried changing the port from 22 to 21, and Internet Explorer just gives me error messages. It worked for my web server on port 80, but not the ftp server. I just need to transfer files across it, I don't need remote logins.