Re: router port forwarding ssh to a zone



On May 29, 10:59 am, KJ <zemp...@xxxxxxxxx> wrote:
On May 29, 8:49 am, Shea Martin <s...@xxxxxxxx> wrote:

I created a zone, and changed the sshd to run on port 9022. On my old
linksys router, I forwarded port 9022 to the zone's IP (192.168.1.9).
Port 22 is forwarded to my global zone (192.168.1.8).

On my LAN, I can ssh to the zone from any machine inside the LAN. But
when I try to ssh to my house, on port 9022, I get a connection refused
error. Yet I can connect to my global zone fine.

Here is the output from ifconfig -a on my global zone:
lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
        inet 127.0.0.1 netmask ff000000
lo0:1: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
        zone mediatomb
        inet 127.0.0.1 netmask ff000000
dmfe0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
        inet 192.168.1.8 netmask ffffff00 broadcast 192.168.1.255
dmfe0:1: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
        zone mediatomb
        inet 192.168.1.9 netmask ffffff00 broadcast 192.168.1.255

Are there any obvious mistakes I am making? Is this a limitation of my
router (i.e., not recognizing two IP's on the same MAC)?

~S

Did you restart the SSH server? If not, as root do "svcadm restart
sshd" on Solaris 10.

Even though my Netgear router doesn't "recognize" multiple IP's for
the same MAC address, it works fine, save for the reserved IP address
feature by hostname/IP - which is seriously confused by Solaris
zones. So I'd imagine you'd be okay with your Linksys but have a more
fundamental error.

By the way, what I find easier, if your Linksys supports it, is port-
forwarding within the router.

For example, you don't need to change sshd ports on zones, just let
every global and non-global zone run at the default ports. Then, if
your router supports it, just have your router forward to the proper
LAN IP and port. In your case, you should be able to set WAN request
on port 9022 to be directed to 192.168.1.9 on port 22 and all WAN port
22 traffic to simply traverse to 192.168.1.8.

This setup works especially well when using multiple zones. Then if
you want to switch web server zones, for example, you can simply swap
your zones' IP address and have all the port mappings already
configured. Every "business class" Netgear router I've used supports
these features, though I'm not sure about your Linksys.

HTH.
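
Added example, not part of either post: a check, run from a machine inside the LAN, that each forwarding target in the mapping described above accepts connections and answers with an SSH banner before the router rule is tested from outside. The addresses and the 9022-to-22 mapping come from the thread; the function names are hypothetical.

```python
import socket

# Forwarding plan described in the thread: WAN port -> (LAN IP, LAN port).
FORWARDS = {
    22: ("192.168.1.8", 22),    # global zone
    9022: ("192.168.1.9", 22),  # zone "mediatomb", sshd left on port 22
}

def probe(host, port, timeout=2.0):
    """Classify a TCP connect attempt as 'open', 'refused' or 'filtered'."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return "open"
    except ConnectionRefusedError:
        return "refused"    # a reset came back: typically nothing listening
    except OSError:
        return "filtered"   # timeout or unreachable: no answer at all
    finally:
        sock.close()

def ssh_banner(host, port, timeout=2.0):
    """Return the SSH identification line, or None if the port is not SSH."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            first = sock.recv(255).split(b"\n", 1)[0].strip()
    except OSError:
        return None
    return first.decode("ascii", "replace") if first.startswith(b"SSH-") else None

def check_forwards(forwards):
    """Probe every forwarding target from inside the LAN."""
    report = []
    for wan_port, (host, port) in sorted(forwards.items()):
        state = probe(host, port)
        banner = ssh_banner(host, port) if state == "open" else None
        report.append((wan_port, host, port, state, banner))
    return report

if __name__ == "__main__":
    for wan_port, host, port, state, banner in check_forwards(FORWARDS):
        print(f"WAN {wan_port} -> {host}:{port}: {state} {banner or ''}")
```

A "refused" result for a target points at the sshd listener on that host rather than at the router; "open" with a banner on every target leaves the router's forwarding rule as the remaining thing to check.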
