LinuxQuestions.org

Vitoriung 10-01-2009 06:13 AM

SSH connection through the firewall with no ports open
 
PC1 - 10.128.14.12 (Linux), local network
PC2 - 10.248.12.100 (Linux), in DMZ

PC1 can ping PC2, but no ports are forwarded, so I can't SSH from one to the other.
The workaround (but silly) is:
PC3 - 10.248.12.2 (Win2k3), port 3389 open on firewall (Cisco PIX)
PC1 -> RDP -> PC3 -> PuTTY -> PC2

With this configuration I am not able to tunnel VNC from PC2 (KVM) to PC1.
I have admin rights for PC1 and PC2, but cannot install anything on PC3.
Is there any available solution to this? E.g. use PuTTY to forward the ports, etc...

Please don't advise anything like "tell your admin to open the ports". I am neither a hacker nor a networking expert, I just need to access my KVM server and am dealing with silly people here.

Thanks

Maspry 10-01-2009 06:52 AM

If I understand you correctly, the PuTTY session is between PC3 and PC2, both of which are in the DMZ. RDP is only giving you the remote desktop and is not forwarding or tunneling ports. Any SSH tunneling would be between PC3 and PC2, so it is of no use to you.

Perhaps a temporary solution would be to have the VNC session run over port 3389, as you know it's open?

tapke 10-01-2009 07:20 AM

Are VPN ports PC2<->PC1 open?

estabroo 10-01-2009 09:02 AM

Does PC3 have an SSH server running on it? If so, you could do an SSH bridge.

tapke 10-02-2009 12:21 AM

Quote:

Originally Posted by estabroo (Post 3703565)
Does PC3 have an SSH server running on it? If so, you could do an SSH bridge.

He said he's connecting to PC3 remotely (RDP) and has no admin rights on it. So it's Windows, and that means no SSH.

estabroo 10-02-2009 07:39 PM

On PC2, have you tried having an SSH server running on port 3389? Since the PIX allows it to PC3, it might have a general rule allowing access to the RDP port.

Vitoriung 10-06-2009 04:21 AM

Quote:

Originally Posted by estabroo (Post 3705642)
On PC2, have you tried having an SSH server running on port 3389? Since the PIX allows it to PC3, it might have a general rule allowing access to the RDP port.

Yes I have, but the rule is obviously enabled just for PC3. So the only thing that could work may be port forwarding through PuTTY on PC3, but I am not successful here either; maybe I am missing the right settings.

estabroo 10-06-2009 10:51 AM

Do you have a list of the rules on the PIX?


All times are GMT -5.