Re: Is there a reverse Network Address Translation???

From: Richard Lynch (ceo_at_l-i-e.com)
Date: 09/30/04

  • Next message: Brent Wiese: "Confused about SATA Raid" 
    Date: Thu, 30 Sep 2004 14:38:35 -0700 (PDT)
To: "Mark Jayson Alvarez" <jay2xra@yahoo.com>

    Mark Jayson Alvarez wrote:
    > Hi,
    > I wan't to access my pc at work from home through
    > freebsd's sshd. Is it possible?, knowing that it
    > doesn't have a public ip address? That workstation of
    > mine is only gaining internet access through LAN
    > servers and routers. Will it help if I know the
    > gateway ip where my workstation passes through and the
    > proxy as well as dns server's ip's? I know its
    > possible but I can't imagine the process, perhaps
    > something like a reverse network address
    > translation... Any idea?

    I think you would need to have the public IP LAN server/router ready,
    willing, and able to port-forward SSH packets to your personal
    workstation.

    Your work IT Administrator may, or may not, be willing to set this up for
    you.

    If *YOU* control the public-IP LAN gear at work, you need to set them up
    to "port-forward" anything on some port that the public-IP LAN gear isn't
    using to your desktop workstation.

    You'd think that SSH needs port 22, but if that's already in use, you can:

    1.
    Configure the public-IP to accept/forward port 222 (or whatever) to your
    desktop workstation.

    2.
    Configure sshd on the desktop workstation to accept traffic on 222 and use
    sshd to handle that traffic.

    3.
    Use ssh -p 222 USER@PUBLIC_IP
    at home to log in to the desktop at work.

    The PUBLIC IP box gets the connection on 222, forwards it to your desktop,
    and you're in like Flynn.

    If the "PUBLIC" IP is dynamic (IE, cable modem, DSL, etc) you can also set
    up software to create a valid domain name for it using something like:
    http://dyndns.org or one of a few dozen other similar services.

    In that case, you'd install a small client on the PUBLIC IP box which will
    notify the DynDNS folks whenever your IP changes, then they update the DNS
    routing tables for you, and Whammo! you don't really care that your IP is
    dynamic because they tied a domain name to it for you.

    If you can't alter the PUBLIC IP LAN gear at work, then I don't think you
    can manage to ssh in to your desktop box. 

    -- 
Like Music?
http://l-i-e.com/artists.htm
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
  • Next message: Brent Wiese: "Confused about SATA Raid"