Esteban Ordóñez wrote: > On external access I have: > > Proto Source IP Destination IP Destination port Action > TCP ALL DEFAULT IP 113 > TCP x.x.x.x DEFAULT IP 22 > TCP x.x.x.x DEFAULT IP 10443 > > x.x.x.x is my public ip on my remote location > > Please give me a hand. Thanks. > This should work. But the method I described should be safer: instead of the 2 last external access rules (might be hacked, if someone simulates youir IP x.x.x.x), you can port forward: TCP DEFAULT IP : 55555 192.168.1.3 : 22(SSH) Servidor OpenSSH This rule can be restricted to your remote IP (x.x.x.x) by clicking the red "Plus" symbol. Don't use port "55555", it's just an example. Also don't open port 22 to the internet, you'll get many attacks, even unsuccessful, they'll fill up your logs.
If you have a Linux server in the LAN (192.168.1.3 in this example), it will probably already have OpenSSH installed and listening on port 22. You just have to tighten the /etc/sshd.conf. I recommend disabling root login and password authentication - allow only users with a key, which, under windows, you can create with PuttyGen.exe (http://www.chiark.greenend.org.uk/~sgtatham/putty/). - copy and paste the public part into /home/MyUsrName/.ssh/authorized_keys. - Save the private key on your remote PC. The SSH client (maybe Putty.exe, under windows) on your remote PC can use tunnels (see Putty.hlp file if you can't find tunnel setting). - Set a tunnel: L 443 to 192.168.1.3:22. When your SSH session is active, you can get the efw Webadmin page by typing https://localhost. Good luck, Stefan PS: if you only have windows servers behind your firewall, you can use CopSSH or Cygwin, both include the OpenSSH server compiled for Windows... ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Efw-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/efw-user
