Linux - Security
This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
I have IPCop with green and red cards. In my green network I have an SSH server using port 22 (IP: 192.168.0.1). My red card is connected to the internet with a fixed IP. I want to access my SSH server from outside using port 22 (my ISP blocks other ports). I set external services to open port 22 and forward port 22 from red to my internal IP 192.168.0.1 port 22. I also enabled SSH in the IP configuration web page. All seems right, my access from the internal network to the internet is OK. But external access to my SSH server is completely impossible!! What am I doing wrong? Does anyone have an idea? Thanks in advance.
I have a similar problem but not with SSH. I opened port 222 for external access and it's working fine from outside. My problem is with the web admin which works on port 445. I enabled external access and opened TCP and UDP ports 445, but for some reason it's not working. The IPCop box is at home and I'm trying from work now and it's not working. Is there a possibility that my ISP is blocking that port? Is there a way to change that port from the IPCop box?
I think you're right. I did a NETSTAT from my XP laptop and it looks like the 445 request is getting stuck on the ISP end. How can I change port 445 to something else? What about changing it to the normal 443?!
Opening the webadmin interface to the entire net isn't necessarily a good idea, but here's a topic in the IPCop Support Forums that covers what's necessary:
After running IPCop for years, I'm a pfSense convert now. It allows a great deal more specific control on what networks/addresses can access particular ports etc. Its VPN modules are a lot better, too.
Thanks man. I searched for a solution yesterday and I changed it to port 5445 and I'm able to get the admin page from outside. The firewall is for training purposes only. Now I want to get the VPN part working, but the VPN client for Windows just sucks and I was trying to find an IPsec VPN client that works with IPCop from Windows XP. Any suggestions?
Well, I downloaded something called lsipsectools from SourceForge. This is my first time configuring VPN and I think I need some help here. My IPCop is configured to do tunneling with PSK authentication. Here is my network diagram:
192.168.0.1 <<< Green - IPcop - RED >>>> 72.51.x.x
I configured ipsectools and it's coming back with the following log:
Code:
16:16:31: Starting Tunnel
16:16:31: IKE Encryption: 3des
IKE Integrity: md5
Remote Gateway Address: 72.51.161.35
Remote Monitor Address: 192.168.0.1
Remote Network: 192.168.0.0/0.0.0.24
Local Address: 172.28.1.100
Local Network: 172.28.1.100/0.0.0.24
16:17:10: 15 Consecutive Unsuccessfull ECHO REQUEST [ Waiting 5 Secs ]...
The IPCop box is configured to do default authentication and integrity encryption, 3des for encryption and md5 for integrity. Any ideas?