Date:      Mon, 12 May 2003 12:56:22 +0200 (CEST)
From:      Niklas Saers Mailinglistaccount <niklasmls@doriath.saers.com>
To:        questions@freebsd.org
Subject:   SSH nat-forwarded
Message-ID:  <20030512124842.F32710@doriath.saers.com>

Hi,
I've got a firewall that forwards ports to SSH-ports on boxes it protects.
This has been good for all 4-STABLE boxes, but I've recently put up a
CURRENT box. I can SSH to the firewall and from the firewall to the
CURRENT box, but I do not get a proper connection when having it forwarded
through the firewall.

Let's say my external box 'ext' is on 193.1.2.3, my firewall 'fw' is on
193.2.2.1 and my internal CURRENT-box on 192.168.5.1

'fw' masquerades using
"/sbin/natd -interface fxp0 -redirect_port 192.168.5.1:22 5051"

and "firewall":
 ipfw add divert 8668 ip from any to any via fxp0
 ipfw add allow ip from any to any

From 'fw', "telnet 192.168.5.1 22" gives the classic "SSH-1.99"-etc,
while from 'ext', "telnet 192.2.2.1 5051" gives no greeting at all. It
listens and terminates the connection after a short while.

Any suggestions as to why ssh doesn't connect correctly? I've forwarded other
ports to other services on the same box and it works flawlessly. Thus I
suspect that 'sshd' understands I've forwarded this connection and doesn't
like it the least bit. Can I turn off this hypersensitivity?

Cheers

   Nik


