[rescue] how to use a NAT/PAT to forward SSH to an internal box

George Adkins rescue at sunhelp.org
Sat Jan 5 23:21:52 CST 2002


> If you wanted to, you could probably write a client "wrapper" script and
> a server "wrapper" script that would do the port negotiation and the
> proxying setup and then allow the client and server to talk to each
> other and proxy the exchange.
>
I think that the "wrapper script" would be the way to go on the client side.

> > > To make this work, all of the internal machine names would have to
> > > resolve to your one external IP address.
> >
> > Yes, in the same way that http:// virtual servers work.
>
> Except the virtual servers like that I've played with are on the same
> machine. It also appears that http includes the hostname in the original
> request. (I checked this with a sniffer.)
>
I was referring only to having all the DNS records point to the same IP
address from the outside.

> This might be a neat thing to have, even if it did require a special
> client. Still, at that point you might as well just set up a proxy on
> your firewall on an odd port to take care of each incoming connection...

Yes, if you run with the "Wrapper script" idea, you can have it make contact
with the server side on a high port number, and then not interfere with
regular port 22 connections to the translation box.
I wonder if the "proxy" part would work as a script, or it would need to be
more sophisticated...
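
The server side of the "wrapper script" idea discussed in this thread, as an added example that is not part of the original post: a relay on the translation box that listens on a high port, reads a hostname line from the client wrapper, and forwards only to internal hosts listed in a fixed table. The one-line name preamble, the `OK`/`ERR` replies, and the host names and addresses are assumptions made for illustration.

```python
import socket
import threading
from contextlib import suppress

ROUTES = {"box1.example.org": ("192.168.1.10", 22)}  # constructed: name -> internal (addr, port)
MAX_NAME = 256  # cap on the name line, so a client cannot feed unbounded input

def read_target(conn):
    """Read the one-line hostname the client wrapper sends first (assumed protocol)."""
    buf = b""
    with suppress(OSError):  # a timeout or reset counts as "no valid name"
        while not buf.endswith(b"\n"):
            byte = conn.recv(1)
            if not byte or len(buf) >= MAX_NAME:
                return None
            buf += byte
        return buf.strip().decode("ascii", "replace").lower()
    return None

def pump(src, dst):
    """Copy bytes one way until EOF, then half-close the receiving side."""
    with suppress(OSError):
        while data := src.recv(4096):
            dst.sendall(data)
    with suppress(OSError):
        dst.shutdown(socket.SHUT_WR)

def handle(conn, routes):
    """Relay one client, but only to a destination listed in the routing table."""
    with conn:
        conn.settimeout(10)  # do not let a silent client hold the slot open
        target = routes.get(read_target(conn))
        if target is None:
            conn.sendall(b"ERR unknown host\n")
            return
        with socket.create_connection(target, timeout=10) as backend:
            conn.settimeout(None)  # SSH sessions may sit idle for a long time
            backend.settimeout(None)
            conn.sendall(b"OK\n")
            t = threading.Thread(target=pump, args=(backend, conn), daemon=True)
            t.start()
            pump(conn, backend)
            t.join()

def serve(listener, routes=ROUTES):
    """Accept loop for the high-port listener on the translation box."""
    while True:
        conn, _ = listener.accept()
        threading.Thread(target=handle, args=(conn, routes), daemon=True).start()
```

Because the relay answers before the SSH banner arrives, the client-side wrapper has to consume the `OK` line before handing the stream to ssh. The fixed table is what keeps the listener from becoming an open relay into the internal network.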


