Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
You will find that the only way to be trusted is by being honest, all the time...
And unfortunately that don't always look cool...
Your school admin will have his reasons for not letting you get a foot in a door in that he will lose control of...
There are libraries full of hindsight on this one.
And the price for getting caught for doing it the sneaky way can be long lasting.
I'm sure the admin and the students think the other is the bad guy.
So I'd advise you to relax and look at the school as another one of those places you don't have priveleges. Their money, their choices...
Of course, keep learning, and quickly, but in a different venue with your rules...
Ya'll make me look bad, I didn't learn how to use QBASIC till I was a Freshman, and then it was because I needed it on a boot disk to use EDIT.COM!! Well, I wish I knew more about programming than I did. I've tried to learn C, and then Java, but the bracks () and source code structure is hard for me to learn. Anyways, I think I'll ask my computer teacher to ask the administrator for me. He thinks I'm a genius because I got my Linux server set up with SFTP (SECURE!!! WO-HOO!!). Thanx for the help!
Don't feel bad. The main reason I started learning programming in the first place was so that I could get time in the coputer lab to play Tai Pan when the librarian was not looking. (The lab was in the library.)
But stick with it and you will get the hang of it. Programming is 50% study, 50% attention to detail, and 50% patience. Math helps too.
Ahhh grasshopper... An avenue to investigate is a vpn connection out of the school network to your computer at home. Then you can connect to your school pc's services from home over the vpn tunnel..
While setting up a VPN or some other form of tunnel is a possibility make sure to get permission first. If the Network supervisor finds out about it and it comes down that no one in authority knew about it you could be in for a lot of trouble. Network administrators don't have a sense of humor about these things.
Again if you want to do it above board, port forwarding is your best bet. If you get permission to try and connect using whatever means are at your disposal then let us know and someone here can probably point you in the right direction.
Edit: Please help me I am starting to sound like my parents!!! I am not ready to be responsible!
I decided to throw caution to the wind.. a little. There are a number of ways to set up a bi-directional tunnel such as you need. I will explain how to do it with OpenSSH which will do nicely.
First on your Windows box you will need to install cygwin . Cygwin is in essence a POSIX shell for windows, which allows you to a number of nifty things but the main one for our purposes is to allow sshd to run on your windows box. Do a google search for sshd and cygwin and you will get a number of how-to's on set-up for sshd.
Once sshd is running on your Windows box, from your Linux box inside the firewall you can call the Windows box and tell it to forward certain ports on the remote box (Win) to certain ports on the local box (Lin) and vice versa. man ssh on your linux box will explain the port forwarding, the ones to focus on are -L and -R.
Provded you can get permission from anybody (even your teacher), if you get stuck drop another note and I will help further. Somebody else may help regardless but I have a conscience to soothe.
Don't worry about permission. I have it from both my CET teacher and my CISCO teacher. I just cant get the system administrator to forward the packets because they think most all students are stupid and those that know anything about computers want to destroy them. <Despite the fact that I fix the computer problems on the campus after school.> Well, I think it would be a good learning experience because my CET teacher heard about VPNing but didn't understand it. I will get back to you (plural) with the results as soon as possible. Thanx for the help so far!!
What I am suggesting is not a true VPN, though I suppose it is close enough not to matter. If you want yo do a true VPN, IPSEC is one option. I use a (expensive) commercial solution so my experience on doing IPSEC by hand is limited.
Set up cygwin and try and get sshd working at a minimum. Also if you don't already have one set up a firewall on your Win box that you can selectively block ports on. Read up on PrtForwarding a bit as well if you really want to learn, I could walk you through it all but you won't learn as much.
Actually, when it comes to learning, if I'm left with a book's worth of info. then I will usually give it a good effort, but it is usually to much at a time, so I just give up. If someone talks me through the basic, and I see that it worked when I did it, then I have the understanding to understand what I am reading. Then I will learn ALOT faster and understand it better.
So, your suggesting that the administrator tells the router to forward the packets to my server and then I can ssh it? I don't think I understand what you are saying. I need to get through the router and communicate between my home computer and the server, in both directions, without packet forwarding.
Last edited by hotrodowner; 11-13-2002 at 06:00 PM.
No here is what we will be doing, and the administrator can go hang, if you will pardon the expression. We will call your Linux box "L" and Your Windows box "W." From L you are going to call W and say "When you get a request on your IP for Port 8088 I want you to take that request and go ahead and give it to me (L) through this tunnel (SSH) I created, I will then treat that request as if it came across Port 21 (FTP Control)" Better yet Read This and see if you follow what they are talking about. We are simply going to reverse the procedure and set the remote machines port 8088 to forward to 21 on the local (-R instead of -L).
Right now I am concentrating on FTP but is there a specific protocol (HTTP, FTP, etc...) you wanted? Another thing to keep in mind is that I can not categorically state this will work, I understand networking fairly well but I have never tried to to do this through a NAT intiated from the server. I will give it a go this weekend as a sanity check, I have everything I need between home and work but can't play around with it during business hours. The bigest risk is what will happen if DHCP reassigns the IP address. I'm not sure.
Here is another choice from an older thread. Or we could try a different VPN. Finally there is the HTTP tunnel mentioned earlier. An HTTP tunnel is very similar in nature to the SSH tunnel I am describing. Since you have gotten permission, I am willing to help you try whichever you like until you get tired of trying.
I leave it up to you, check each option out, or find a different one and tell me how you would like to proceed. It depends a lot on what you need the connection for. SSH is the easiest for me, others may give you more power. In the meantime I will see if I can find something that explains TCPIP port communication in terms that are not painfully obscure.
The way I have gotten around this (from my home system behind a NAT on a cable modem) is to have my Natted machine connect to a known relay in JXTA and then when I get into my office I open the peer and create a tunnel in JXTA, if the code for the tunnel worked right I would even suggest this route. But it will be months, maybe a year before I consider it functional. But since I have only been working on the code for maybe 5 or 6 hours I felt a need to brag.
I think we are down to the two of us BTW.... I have this instinctive fear someone else might have a better idea but have given up on the thread. Oh well, insecurity is it's own reward. Easily the longest I have stuck with a thread though.
Not to cloud the issue with the facts but on another thread Stickman mentioned CIPE which actually looks like a good solution to your problem. I never looked into it before but it looks sound and has a Win32 version. The CIPE athor also argues convincingly against the SSH tunnel method that i am recommending...
I had time to think yesterday <about 4 hours!!> and I thought of the following idea:
1) set up a VPN server on Windows XP at home
2) set up a VPN share at school (on a Windows XP machine), and connect to the one at home through the internet
3) set up openssh on both XP computers <for use with SFTP and the telnet replacement>
4) go home and backtrack through the VPN tunnel with ssh.
I have one question though, I have never used a VPN before; will I be able to access the entire school network from the VPN connection, or is it just to the XP machine directly connected? In other words, will I be able to access the other machines attached to the network of the computer that is VPN'ing mine? If it wont go to other computers, thats ok, I'll just ssh the xp machine, then sftp my server, and then sftp the xp machine. It seems long, but I think it would work.
You won't need the SSH if you set up a VPN connection. So all you will need to do are steps 1,2, and 3 not counting the SSH part of 3. SSH using port forwarding performs the same basic thing as the VPN will but only on one port.
Read up on installing CIPE (link in an earlier message) since that looks to be the most promising route. Install it on both the server and the Win32 machine and we will go from there.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.