Re: [qubes-users] webdev wondering how to ssh to my local webserver on the lan

[random815815]

On Thursday, August 3, 2017 at 9:05:46 PM UTC+10, Francesco wrote:
> On Thu, Aug 3, 2017 at 7:15 AM,   wrote:
> thanks for your reply. that helps a lot. i understand what youre saying. 
> qubes is running its own nat for all the internal vm's on its own lan ip, and 
> so i should have no problem connecting from any qube to my webserver on the 
> lan because its on the sys-net address. then its either a problem with my 
> firewall or my router's firewall. and i can figure it out by sniffing the 
> traffic with iptables on the sys-net to see where the blockage is occuring. 
> that clears up some confusion, thanks.
> 
> 
> 
> 
> 
> I have various servers on the local lan and I can connect directly with their 
> address 192,.168.1.x with ssh, firefox, even nautilus without problems and 
> without touching the firewall or any other configuration. 
>  
> 
> --
> 
> You received this message because you are subscribed to the Google Groups 
> "qubes-users" group.
> 
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to qubes-users...@googlegroups.com.
> 
> To post to this group, send email to qubes...@googlegroups.com.
> 
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/qubes-users/6e79ce74-e074-48b9-8dbe-fe8dc7793d5a%40googlegroups.com.
> 
> 
> 
> For more options, visit https://groups.google.com/d/optout.

ok, it does work, i had a vpn running which was blocking it (doh!), thanks for 
the replies.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/b93f2c7b-2e35-4ada-8aff-57bd21bedab5%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] webdev wondering how to ssh to my local webserver on the lan

[Franz]

On Thu, Aug 3, 2017 at 7:15 AM,  wrote:

> thanks for your reply. that helps a lot. i understand what youre saying.
> qubes is running its own nat for all the internal vm's on its own lan ip,
> and so i should have no problem connecting from any qube to my webserver on
> the lan because its on the sys-net address. then its either a problem with
> my firewall or my router's firewall. and i can figure it out by sniffing
> the traffic with iptables on the sys-net to see where the blockage is
> occuring. that clears up some confusion, thanks.
>
>
I have various servers on the local lan and I can connect directly with
their address 192,.168.1.x with ssh, firefox, even nautilus without
problems and without touching the firewall or any other configuration.


> --
> You received this message because you are subscribed to the Google Groups
> "qubes-users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to qubes-users+unsubscr...@googlegroups.com.
> To post to this group, send email to qubes-users@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/
> msgid/qubes-users/6e79ce74-e074-48b9-8dbe-fe8dc7793d5a%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/CAPzH-qCQoQL%3D0j9xTJPgyrYbrgbspqDVTanuRJGxxHFMh_OnzQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] webdev wondering how to ssh to my local webserver on the lan

[random815815]

thanks for your reply. that helps a lot. i understand what youre saying. qubes 
is running its own nat for all the internal vm's on its own lan ip, and so i 
should have no problem connecting from any qube to my webserver on the lan 
because its on the sys-net address. then its either a problem with my firewall 
or my router's firewall. and i can figure it out by sniffing the traffic with 
iptables on the sys-net to see where the blockage is occuring. that clears up 
some confusion, thanks.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/6e79ce74-e074-48b9-8dbe-fe8dc7793d5a%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] webdev wondering how to ssh to my local webserver on the lan

[Unman]

On Wed, Aug 02, 2017 at 01:59:00PM -0700, random815...@gmail.com wrote:
> hi friends. 
> 
> im new to qubes and ive looked all all the documentation and videos, however 
> i still can't figure out how to connect to my local ubuntu webserver from my 
> work qube to do some web development. i know, i know, its probably really 
> easy, but ive spent a couple of hours trying various things that haven't 
> worked, so could you help?
> 
> my lan ip is 192.168.2.0/24
> my webserver is 192.168.2.10
> my qubes appvm's are all running on 10.137.2.0/24 (so obviosuly the qubes 
> can't talk to the lan because theyre on different subnets)
> but my qubes network connection is on 192.168.2.0/24
> 
> ive tried a bunch of stuff to try to get a 192.168.2.0/24 address on my work 
> qube, but im out of ideas. please help me make my venture into qubes less 
> stressful and more productive for myself and possibly any other web 
> developers who are confused by this. 
> 
> thanks,
> -r815
> 

If you have default setup then you will have 
work -- sys-firewall -- sys-net

The default setup uses MASQUERADE, so traffic from the work qube will
appear to come from the external IP of sys-net.
So you Dona need to get an 192 address on the work qube.

You don't say what you tried - if you tried to ssh direct, or if you
started to reconfigure before trying that.
Go back to the initial setup.
Try to ssh from work qube.
Use iptables -L -nv to watch the traffic on sys-firewall and sys-net,
and you should see outgoing SSH traffic on FORWARD chain, and return
traffic.

Most of the time you can debug the problem without using a sniffer, but
if needed you could run tcpdump on sys-net, to get a handle on what is
happening.

unman

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/20170802213723.ig3t4anbrcop3abo%40thirdeyesecurity.org.
For more options, visit https://groups.google.com/d/optout.

[qubes-users] webdev wondering how to ssh to my local webserver on the lan

[random815815]

hi friends. 

im new to qubes and ive looked all all the documentation and videos, however i 
still can't figure out how to connect to my local ubuntu webserver from my work 
qube to do some web development. i know, i know, its probably really easy, but 
ive spent a couple of hours trying various things that haven't worked, so could 
you help?

my lan ip is 192.168.2.0/24
my webserver is 192.168.2.10
my qubes appvm's are all running on 10.137.2.0/24 (so obviosuly the qubes can't 
talk to the lan because theyre on different subnets)
but my qubes network connection is on 192.168.2.0/24

ive tried a bunch of stuff to try to get a 192.168.2.0/24 address on my work 
qube, but im out of ideas. please help me make my venture into qubes less 
stressful and more productive for myself and possibly any other web developers 
who are confused by this. 

thanks,
-r815

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/e53c37ea-c245-4aa3-ba55-d18bee0ad8a3%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.