Thanks Tom, I will double check the listening address. It may have gotten changed somehow.
I'm not sure about your reference to 'odd requirement'. Do you mean choosing port 1021? My only intention is, that if external clients make an FTP request using default port of 21 that they get routed to 1021 on the appropriate machine. Saves me explaining to friends to use 1021. Would it be more appropriate to use a REDIRECT instead of DNAT?? John ======================================= Work: http://www.olgclotteries.com [EMAIL PROTECTED] 888-345-7568 ext. 2205 Personal: http://www.mullan.ca [EMAIL PROTECTED] MSN: [EMAIL PROTECTED] ======================================= Tom Eastep <[EMAIL PROTECTED]> To: John Mullan <[EMAIL PROTECTED]> Sent by: cc: [EMAIL PROTECTED] [EMAIL PROTECTED] Subject: Re: [leaf-user] SSH question ceforge.net 14-02-03 10:04 AM John Mullan wrote: > Yes, they are intentional. I want to keep the FTP server on port 1021. If > anyone comes in from outside without specifying port 1021, they will still > get to my FTP server. That leaves me the future opportunity to have > another FTP server on 21 but only accessible from internal. > > At least, that is the way I figure it. Your first rule actually insists that the CLIENT port be 1021 -- rather odd requirement. > > I will attempt the Telnet idea later. Work doesn't open very many ports. > I don't even get port 80 access from this workstation :( > Also be sure that your sshd is listening on 0.0.0.0 and/or on the exernal IP address of your firewall. -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://www.shorewall.net Washington USA \ [EMAIL PROTECTED] ------------------------------------------------------- This SF.NET email is sponsored by: FREE SSL Guide from Thawte are you planning your Web Server Security? Click here to get a FREE Thawte SSL guide and find the answers to all your SSL security issues. http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0026en ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html ------------------------------------------------------- This SF.NET email is sponsored by: FREE SSL Guide from Thawte are you planning your Web Server Security? Click here to get a FREE Thawte SSL guide and find the answers to all your SSL security issues. http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0026en ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html