> I recently switched out a Dachstein floppy firewall with a > Dachstein CD firewall. The major difference between the > two firewalls was the addition of ssh on the new one running > DCD. My problem is any attempt to ssh to a WAN client ends > in a "server refused a secure connection" error. I can ssh to > the firewall itself from any LAN computer and I can ssh to > a remote host from the firewall itself fine. It appears as if > the firewall is not forwarding the ssh request packets to > the WAN boxes. > > I have been unable to find the same error in the archives > and since I am initiating the connection on the LAN, the > connection should be using a non-priviledged port. > Is there anyone else that has run into this error and/or > has someone come up with a better solution than simply > eliminating ssh on the firewall???
The above is very strange...you shouldn't have any problems connecting via ssh to a remote machine just because you run ssh on the firewall. I run ssh on all my Dachstein-CD boxes, and can ssh to either the firewall or various remote hosts with no problems. Can you really connect with exactly the same setup, excpet for Dachstein-floppy instead of Dachstein-CD as your firewall? With the error you report, I'd suspect something more like: - Remote server is refusing connections on port-22 (ssh) - Remote server only accepts ssh-V2, and you're running ssh-V1 - Remote server configured to only allow connections authenticated by public key - Incorrect username/password embedded in some gui ssh client ...or similar issues, unless of course, you manually added some REDIRECT rules to the ipchains ruleset or something :-) Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) ------------------------------------------------------- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390 ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
