On Thu, Feb 03, 2000 at 09:54:07AM -0800, Rich Quinn wrote:
> Hi,
>
> I am trying to set up ip tunnelling from a machine behind my firewall to a
> destination address outside my firewall.
>
> I got ssh1 and ssh2 running on my sparc 2.7 box.
Your sparc box is the one you're tunneling from (the local box), right?
> I can do IP tunnelling via ssh2 by typing this command on the firewall:
> ssh2 -L 5555:destination.ip.address:23 destination.ip.address
>
> Then, from a node behind the firewall I'd type this command:
> telnet firewall.ip.address 5555
>
> This, of course, forwards my request to port 23 of the
> destination IP address and gets me a login prompt at the
> destination while also ensuring that I am protected via ssh.
So, your firewall admin isn't particular on what goes outbound :)
> When I try to do this with ssh1, I get a connection refused.
Sounds like sshd1 isn't listening on the other end, but sshd2 is.
> I am certain that this is due to the fact that ssh1 is compiled with tcp
> wrappers.
Could be, but you need to have both daemons (sshd1 and sshd2) on the remote
box. Where are you running the wrappers?
> My /etc/hosts.allow file contains this entry:
> ALL: node.behind.firewall
>
> This should allow any type of connection from my node behind the firewall
> shouldn't it?
It should.
> I looked at my ssh_config and sshd_config file and am not
> sure if I need to adjust one of those files or if I need
> to put a different entry in my /etc/hosts.allow file in
> order to allow my connection from my machine behind the
> firewall to my destination ip address.
Let me know. I'm not sure if I'm understanding you correctly: you have
ssh1 and ssh2 on the local host, but I don't know what you have on the
remote host.
-Anne
--
Anne Carasik
Email: [EMAIL PROTECTED]
SSH Communications Security, Inc.
Senior Technical Support Engineer
"Any two consenting adults can rub two primes
together to create a public keypair" - R. Thayer
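
Added example, not part of the original message: a small probe for the open question in the reply above, namely which SSH protocol versions the daemon on the remote host actually offers. The function names and banner strings are hypothetical. The reading of a connection that is accepted and then dropped as a daemon-side access check (such as TCP wrappers) is an assumption of this example, not something the thread states.

```python
import socket

def protocols_from_banner(banner):
    """Map an SSH identification string to the protocol majors it offers."""
    fields = banner.strip().split("-", 2)
    if len(fields) < 3 or fields[0] != "SSH":
        raise ValueError("not an SSH identification string: %r" % banner)
    version = fields[1]
    if version == "1.99":            # SSH2 server that also accepts SSH1 clients
        return {1, 2}
    major = version.split(".")[0]
    if major in ("1", "2"):
        return {int(major)}
    raise ValueError("unknown protocol version: %r" % version)

def read_banner(sock, max_lines=20):
    """Return the first 'SSH-' line the peer sends, or None if it hangs up first."""
    stream = sock.makefile("rb")
    for _ in range(max_lines):       # servers may send other lines before the banner
        line = stream.readline(256)
        if not line:                 # peer closed the connection
            return None
        if line.startswith(b"SSH-"):
            return line.decode("ascii", "replace").strip()
    return None

def probe(host, port=22, timeout=5.0):
    """Classify what answers on host:port as (status, protocol_set)."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            banner = read_banner(sock)
    except ConnectionRefusedError:
        return ("refused", set())    # TCP level: nothing is listening on that port
    except OSError as exc:           # timeout, no route, filtered
        return ("unreachable: %s" % exc, set())
    if banner is None:
        # Accepted, then dropped with no banner. Assumption: this is what a
        # daemon-side access check (e.g. TCP wrappers) rejecting the peer looks like.
        return ("closed-without-banner", set())
    return ("ok", protocols_from_banner(banner))
```

A result of `("ok", {2})` from the remote host would mean an ssh1 client has nothing to talk to there, while `("refused", set())` points at the listener rather than at `/etc/hosts.allow`.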