At 06:35 PM 5/21/2008, Doug Hardie wrote:
I have an unusual situation that I suspect is not practical, but just
in case...

I have a class C network with a T1 to the internet.  There are a
number of hosts on that network.  Unfortunately the T1 line is just
part of a path with several additional links before it gets to the
upstream ISP.  Some of those links are relatively prone to outages.
In the same facility, I have a number of WiFi access points that are
connected through a router to a DSL connection to the internet.  That
path is completely independent from the T1 and actually goes through a
completely different set of central offices.

What I have tried to do is to link the DSL router to one of my hosts
via a separate NIC and address that is on the LAN of the WiFi router.
So far all is good.  I can ping any of the access points from that
host just fine.  I have established a pass through port in the DSL
router for SSH that sends the packets to that host.  Sure enough, ssh
packets are received by the host.  The problem is that it does not
respond on the right interface.  The routing table uses a default
route through the T1.  Thats where the sshd responses are being sent.

Since I have no a priori knowledge what IPs I would have available
when I need to use this back door, I can't pre-setup the routing
table.  I need sshd to respond on the same interface it receives the
packets from.  I don't believe that is possible using IPv4 routing.  I
think that it is using IPv6 but none of the networks involved support
that yet.  I don't find any option in sshd to force it to respond on
the right interface either.  Is there something I have missed?

You need to set the correct listen address in /etc/sshd_config then restart sshd.

Also you may need to provide a route for this interface if it cannot find it's own route.


This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

_______________________________________________ mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to