cfengine tunneling
Just curious if anyone has had any luck tunneling cfengine over ssh? I have a policy server that sits behind a firewall, and for clients behind the firewall, everything works fine without a tunnel. Recently, however, I've added new clients that are outside the firewall, so they can't initiate connections to the server. The server, however, can initiate connections to hosts outside the firewall. So what I'd like to do is set up an ssh tunnel using:
ssh -NL 5308:externalhost:5308 user@externalhost
Or something like that, so that when cfagent is run from the external client, it uses the existing connection initiated by the server. Has anyone had any success doing something like this?
|