On Sat, 2003-05-31 at 22:18, John Noll wrote: > Thanks for the advice! Being a newbie I could really use a little more > direction for how to go about setting up such a VPN connection. I > really don't have a clue where to start. Pretty much everytthing I do > in linux is done by following step-by-step how-to's.
There are some howtos on doing CIPE vpn connections. Google probably reveals a few. I will give more details when I can. > > Your help would be greatly appreciated. Having just read the slashdot article today on mounting file systems using ssh, I suggest you take a look at some of the solutions suggested there, including lufs. See http://slashdot.org/article.pl?sid=03/06/01/1521228&mode=flat&tid=106&tid=185 Michael > > thanks, > > john > > > > > On Sat, 2003-05-31 at 21:57, Michael Torrie wrote: > > On Sat, 2003-05-31 at 21:19, John Noll wrote: > > > I've been trying to set up nfs for quite some time now. I found a good > > > how-to and I've gone through the RedHat documentation. From what I have > > > read it seems the only reason I cannot mount the share I've set up on > > > the nfs server is the firewall on the server. My nfs server is just my > > > desktop running redhat 9. The graphical "security level configuration" > > > tool gives me the option to allow services like http, ftp, ssh, etc. but > > > I don't see anything about nfs. > > > > Punching NFS through the firewall is extremely difficult. This is > > because NFS doesn't run on a certain port all the time. Instead, the > > client usually connects to the Portmapper (which does run on a specific > > port) and asks for the nfs port. Then it connects to that. Since the > > NFS port is always different, you have to write a script that queries > > the portmapper for the NFS port and then opens up a hole for that. This > > is commonly done to allow some nfs access into a DMZ, for example. > > Apparently Ed Schaller has written scripts to do this before. > > > > I would highly avoid punching nfs through the firewall. NFS is > > extremely insecure and you cannot trust the clients. > > > > The most secure way to connect machine a to machine b's nfs through a > > firewall is, in my opinion, to set up a VPN connection (say using CIPE, > > which RH9's wizard supports). > > > > > > Michael > > > > > > > > I've seen a lot of posts about firewalls over the past few months and it > > > seems pretty daunting. I'm just trying to change the configuration > > > enough to allow my desktop to mount an nfs share hosted on my desktop. > > > > > > Any help? > > > > > > thank you, > > > > > > john > > > > > > > > > _______________________________________________ > > > newbies mailing list > > > [EMAIL PROTECTED] > > > http://phantom.byu.edu/cgi-bin/mailman/listinfo/newbies > > > > _______________________________________________ > > newbies mailing list > > [EMAIL PROTECTED] > > http://phantom.byu.edu/cgi-bin/mailman/listinfo/newbies > > > _______________________________________________ > newbies mailing list > [EMAIL PROTECTED] > http://phantom.byu.edu/cgi-bin/mailman/listinfo/newbies _______________________________________________ newbies mailing list [EMAIL PROTECTED] http://phantom.byu.edu/cgi-bin/mailman/listinfo/newbies
