[stunnel-users] stunnel in DMZ : accept=22 / connect=other.server.net:22 - gets stuck! - need help!
Ludolf Holzheid
lholzheid at bihl-wiedemann.de
Thu Mar 17 17:12:21 CET 2011
On Thu, 2011-03-17 15:48:27 +0100, Bernhard.Baeumle at mt.com wrote:
> Hi
>
> I use stunnel on a DMZ server for tunnelling/forwarding/proxying...
> (whatever term is correct).
>
> The situation is as follows:
> Hardware      : External PC <==> DMZ server <==> company-internal server
> Operational   : https://xxx.yy.zz (443) <==> (443) stunnel (80) <==> (80) SVN Server listening on port 80
> NEW/NEED HELP : plink (22) <==> (22) stunnel (22) <==> (22) sshd listening on port 22

I don't think the clients bind() to the ports they connect() to.
I.e. your picture should look like this:

external PC                   DMZ server               internal server
https://xxx.yy.zz (p1)  ==>  (443) stunnel (p2)  -->  (80) SVN Server
plink             (p3)  ==>  (22)  stunnel (p4)  -->  (22) sshd

p1 through p4 are arbitrary port numbers. ==> and --> are encrypted
and clear-text connections, respectively.

Does sshd cope with clear-text connections?

If yes, "telnet dmz-server-name.net 22" (or the rlogin equivalent)
should work on an internal workstation.

Ludolf
--
---------------------------------------------------------------
Ludolf Holzheid Tel: +49 621 339960
Bihl+Wiedemann GmbH Fax: +49 621 3392239
Floßwörthstraße 41 e-mail: lholzheid at bihl-wiedemann.de
D-68199 Mannheim, Germany
---------------------------------------------------------------
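
The telnet-style check suggested in the reply, as an added example that is not part of the original post: it connects to a port and reports what the listener sends before the client says anything. An SSH server sends its "SSH-" identification string on connect, while a TLS listener stays silent until it receives a ClientHello. The loopback listeners and the banner text are constructed stand-ins, not the poster's servers.

```python
import socket
import threading

def probe_first_bytes(host, port, wait=1.0):
    """Connect and classify what the listener sends before we send anything."""
    with socket.create_connection((host, port), timeout=wait) as s:
        s.settimeout(wait)
        try:
            data = s.recv(64)
        except socket.timeout:
            return "silent"       # e.g. a TLS listener waiting for a ClientHello
    if data.startswith(b"SSH-"):
        return "ssh-banner"       # clear-text SSH identification string
    return "closed" if not data else "other"

def start_listener(banner):
    """Constructed stand-in listener on a free loopback port; returns the port."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    srv.settimeout(5)

    def serve():
        try:
            conn, _ = srv.accept()
        except OSError:
            return
        with conn:
            if banner:
                conn.sendall(banner)
            conn.settimeout(3)
            try:
                conn.recv(1)      # hold the connection until the client closes
            except OSError:
                pass
        srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]

def demo():
    clear_port = start_listener(b"SSH-2.0-ExampleSSHD\r\n")  # constructed banner
    tls_like_port = start_listener(None)                     # sends nothing first
    return (probe_first_bytes("127.0.0.1", clear_port),
            probe_first_bytes("127.0.0.1", tls_like_port))

if __name__ == "__main__":
    print(demo())
```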