Jerome R. Westrick wrote:
Hello Tage...
You didn't mention why you wanted to do this, but port since 3389 is the "RDP"
port I assume you want RDP access to your WINDOWS 2003 machine from the
internet.
You didnot mention any type of securtiy you have in place.
So Assuming you want what I do all the time, namely secure remote access
to machines in your network, I offer the follwoing solution:
I use SSH for secure remote access.
I use it ssh tunnels to build secure (encrypted) access to my local network.
I use something like the following:
ssh -L 3390:10.0.0.241:3389 [EMAIL PROTECTED]
This connects to the ssh server on machine.XXX.com
(In your case the SUSE server at 10.0.0.240)
asks you for your username and password.
then setups the following secure tunnel:
entrance in tcp:3390 on the local machine.
ie each package sent to 3390 on the local machine
is encrypted and forwarded to 10.10.10.240, where
it is decrypted, and sent (in the open) to 10.10.10.241:3389
This method works fine for RDP and many other applications.
It does not require that you mess with the firewalls
Has added value of security and is easy to setup.
Additionally, SSH also offers a file transfer protocol, so you can get secure
access to the files on 10.10.10.240.
The only disadvantage is that Windows does not come with an SSH client,
so that you will have download an install one.
The Defacto standard is "Putty". And the one almost every one uses.
While you are connected to the internet you should also download winscp3
which will give you access to the files on 10.10.10.240
Well a big explanation based on a whole bunch of assumptions...
If you decide to go this way, I can help give you some tips on improving
the default SUSE SSH configuration for type access...
Jerry
On Wednesday 16 May 2007 07:27, Darryl Gregorash wrote:
On 2007-05-15 22:38, Tage Danielsen wrote:
<snip>
The adress 10.10.10.240 is the server adress, and I have a Cisco
router on 10.10.10.1 the router has a public adress, and it map
another public adress to my server. So the server is acting as it's
own firewall, because the router is mapping the public adress to the
server and send all traffic to this.
Just set the router to map 0/0:3389 to the Win2003 server. It's probably
far more complicated and much more difficult to map everything to the
SuSE server, then have it remap this one port to the Win server. It
would also require the Win server to send traffic from this port (only)
back through the SuSE server, while everything else is sent directly to
the router.
--
Moral indignation is jealousy with a halo. -- HG Wells
Hello, - Thanks to Jerry, it sound like a good solution, but can the
windows client easy connect to the server?
You see, I have a internet connection with 8 ekstra IP's and each of
this IP is mapped down to a privat IP, and I feel that it is not a good
idea to give the windows server a public IP where all port service is
open. My cisco router is routing all port service down to my servers, I
am using Suse server now for 6 years that way, and have no problem with
this, but I am afraid forthe windows server, that is the reason for to
route just rdp servise fromone of my linux server to the windows server.
I am unable to make that fix in the router, that is the whole IP or nothing.
If I can use Jerrys suggest i like to try this, but it have to bee easy
for the windows users to use rdp.
Next what do I have to do?
Regards Tage
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
