From owner-freebsd-questions@FreeBSD.ORG Wed Aug 24 22:28:16 2005 Return-Path: X-Original-To: questions@freebsd.org Delivered-To: freebsd-questions@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DA8B616A41F for ; Wed, 24 Aug 2005 22:28:16 +0000 (GMT) (envelope-from me@hexren.net) Received: from helium.webpack.hosteurope.de (helium.webpack.hosteurope.de [217.115.142.90]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7B9E043D45 for ; Wed, 24 Aug 2005 22:28:16 +0000 (GMT) (envelope-from me@hexren.net) Received: by helium.webpack.hosteurope.de running Exim 4.51 using esmtpa from p548cbcc3.dip.t-dialin.net ([84.140.188.195] helo=hexren.steenbuck.net) id 1E83jC-00066h-OD; Thu, 25 Aug 2005 00:28:14 +0200 Date: Thu, 25 Aug 2005 00:28:13 +0200 From: Hexren X-Mailer: The Bat! (v1.62i) Business X-Priority: 3 (Normal) Message-ID: <17636973965.20050825002813@hexren.net> To: "Toomas Laasik" In-Reply-To: <20050824222126.930FB18733@portal.hot.ee> References: <20050824222126.930FB18733@portal.hot.ee> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Cc: questions@freebsd.org Subject: Re[2]: anonymous ssh forwarding X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Hexren List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 24 Aug 2005 22:28:17 -0000 >> Hello, >> On Thu, Aug 25, 2005 at 12:35:24AM +0300, Toomas Laasik wrote: >> > Hello, >> > I have the following situation. Our company has a ssh server where users can connect from only specified static ip addresses. Like I have at home an ip address 1.2.3.4 and ssh server accepts >> connections only from it. >> > Now I wan't to get access to that ssh server from places where I don't have static ip. >> > I already have at home a freebsd server running with simple configutation. Is it possible to make some kind of tunnel or something so I could connect to my home freebsd machine that connects to >> ssh server so that ssh server 'thinks' that I'm connecting from home? >> > >> > Thank you in advance. >> > >> > Sorry for bad English >> > >> > Toomas >> > >> Why don't you ssh into your home pc with static ip from your pc with dynamic ip >> and then ssh from your home machine into your "server"? > Using just ssh is no a problem. The machine with dynamic IP has WinXP and Putty on it. Setting remote command in Putty to "ssh user@wwwserver.com" eliminates even the need to type it in in putty > ssh console... > Anyway the problem comes when I want to use FileZilla to make SFTP connection over SSH2 connection through home computer. I've tried Putty's tunneling, but the other end of that tunnel is still my > home computer even tho my home computer is connected to www server with ssh. > So my approach is to find out how can I set something up on my home freebsd machine so that connecting to some port on it, it connects to www server ssh port. > Toomas >> --------------------------------------------- You could build up a VPN (OpenVPN comes to my mind) between your home and your roaming machine, set your home BSD machine up to act as a NAT gateway from the VPN to the World and then make a route on your roaming machine to the effect of using your home machine as the gateway for connecting to your office IP. I would guess that some combination of port forwarding (done in the Firewall) and NAT could also allow you to achieve your goal. But I like VPN solutions. Hexren