Date: Mon, 18 Dec 2000 16:42:06 -0800
From: Rob
To: questions@freebsd.org
Subject: [dtalk@prairienet.org: Re: NAT and SSH tunneling]
Message-ID: <20001218164206.B21819@claire.namodn.com>
Organization: Namodn Artists - http://www.namodn.com

Thanks for the response!

I actually figured out it was on my end, so I just wanted to attach
a "resolved" message to this for the archives.

The client was a Mac, so it was just difficult to tell what is going
on... but CVS pserver on FreeBSD through an SSH tunnel to a NAT'd Mac
running CodeWarrior does indeed work just fine, once the Mac is
configured properly.

----- Forwarded message from David Talkington -----

Date: Mon, 4 Dec 2000 19:30:18 -0600 (CST)
From: David Talkington
X-Sender: dtalk@sherman.spotnet.org
To: Rob
cc: questions@FreeBSD.ORG
Subject: Re: NAT and SSH tunneling
In-Reply-To: <20001204155054.A11649@claire.namodn.com>

Hi Rob --

Let me first qualify this by saying that I haven't tried NAT on
FreeBSD, so my advance abject apologies if there's something
particular about FreeBSD's implementation which renders my response
here irrelevant. However, in principle, tunneling through NAT works
ok.

I use the SSH Communications server and client, and can do this from
a Linux workstation through a Linux NAT gateway. I run this command
on the workstation:

    ssh -L 2300:remotehost:23 remotehost

and log in as usual. Then on the workstation, do:

    telnet localhost 2300

And I connect to remotehost via the tunnel. This works with any
service I choose. I don't know anything about the internals of CVS,
so perhaps if it uses a two-way connection (like ftp), this might not
work.

I hope this is of some use to you.

-d

-- 
David Talkington
Community Networking Initiative
dtalk@prairienet.org
217-244-1962

PGP key: http://www.prairienet.org/~dtalk/dt000823.asc

Rob wrote:

>Hi,
>
>
>I'm trying to do an SSH tunnel through a FreeBSD server
>running natd to a CVS server listening to a pserver on
>its local interface.
>
>I have managed to get this working from a routeable IP,
>but when I attempt to set up a tunnel from a non-routeable
>that is being NAT'd, the non-routeable machine opens the
>port ( 2401 ) but it doesn't seem to make it to the other
>side ( the CVS server outside the NAT firewall ).
>
>Is there a special consideration for SSH tunnels through
>NAT that I am not understanding? Is it actually possible? :)
>
>Thanks, and please reply to me directly as I am subscribed
>to the list from this account.
>
>
>Rob Helmer
>Namodn
>
>
>To Unsubscribe: send mail to majordomo@FreeBSD.org
>with "unsubscribe freebsd-questions" in the body of the message
>

----- End forwarded message -----
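
Added example, not part of the original messages: a plain-TCP model in Python of what the `ssh -L 2300:remotehost:23` listener described above does on the workstation, with a constructed loopback echo service standing in for remotehost. It leaves out SSH's encryption and authentication, and in real SSH the hop to the target rides inside the already-established SSH session, so a NAT gateway sees only that one outbound connection. All function names are assumptions of this example.

```python
import socket
import threading

def pump(src, dst):
    """Copy bytes src -> dst until src reaches EOF, then half-close dst."""
    try:
        while chunk := src.recv(4096):
            dst.sendall(chunk)
        dst.shutdown(socket.SHUT_WR)
    except OSError:
        pass

def listen(handler):
    """Listen on an ephemeral loopback port; run handler(conn) per client."""
    srv = socket.create_server(("127.0.0.1", 0))
    def accept_loop():
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:      # listener was closed
                return
            threading.Thread(target=handler, args=(conn,), daemon=True).start()
    threading.Thread(target=accept_loop, daemon=True).start()
    return srv, srv.getsockname()[1]

def echo_service(conn):
    """Constructed stand-in for the remote service (telnet, CVS pserver)."""
    with conn:
        pump(conn, conn)

def forwarder(target_host, target_port):
    """Plain-TCP model of `ssh -L <lport>:target_host:target_port`."""
    def handle(client):
        # Each local client gets its own connection to the target, and
        # bytes are relayed both ways until each side reaches EOF.
        with client, socket.create_connection((target_host, target_port)) as up:
            back = threading.Thread(target=pump, args=(up, client), daemon=True)
            back.start()
            pump(client, up)
            back.join()
    return handle

def round_trip(payload):
    """Send payload to the local forwarded port; return what comes back."""
    service, service_port = listen(echo_service)
    tunnel, local_port = listen(forwarder("127.0.0.1", service_port))
    with service, tunnel, socket.create_connection(("127.0.0.1", local_port)) as c:
        c.sendall(payload)
        c.shutdown(socket.SHUT_WR)
        return b"".join(iter(lambda: c.recv(4096), b""))
```

The forwarded port is bound to 127.0.0.1 only, so other hosts on the NAT'd network cannot connect to it.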