From: Michael W. <mwi...@mg...> - 2006-02-19 15:51:39
Mark,

Yes, I see now that having inaccessible (e.g. corporate) machines on either side of the process, I'm going to *have* to have a machine in the middle that I can control to reroute traffic, etc. I was hoping to be able to avoid this, but oh well.

Thanks for the reply.

Regards,
Michael

On Feb 19, 2006, at 6:16 AM, Mark Janssen wrote:

> On Sat, Feb 18, 2006 at 06:35:13PM -0500, Michael Williams wrote:
>> I require a solution that can "traverse" the firewall without
>> requiring any specific ports on the "listening" end. Are there any
>> solutions that will wrap the data such that it can pass through the
>> internal firewall, but that will hit, say, port 22 on the "listening"
>> server? I absolutely cannot run SSHD on 80, or 443 on the
>> "listening" server; they're taken.
>
> Make sure that your proxy allows connections to ports other than 80
> and 443... or it won't work.
>
> What I've done, is run https on port 443, ssh on port 22, and create a
> firewall rule to redirect port 443 traffic coming from specific
> ip-addresses (like the proxy at my work) to port 22, while leaving the
> rest of the internet seeing my https website.
>
> So far this technique has worked with all proxies I have encountered.
>
> --
> Q: How do you save a drowning lawyer?
> A: Throw him a rock.
>
> Mark Janssen -- maniac(at)maniac.nl -- pgp: 0x357D2178      | ,''`.  |
> Unix / Linux Open-Source and Internet Consultant @ Snow.nl  | : :' : |
> Maniac.nl MarkJanssen.nl NerdNet.nl Unix.nl                 | `. `'  |
> Skype: markmjanssen ICQ: 129696007 irc: FooBar on undernet  |   `-   |
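Seen from the proxy operator's side, the redirect Mark describes shows up in the first payload bytes on port 443: an SSH peer opens with an identification string beginning "SSH-" (RFC 4253), while a TLS connection opens with a handshake record from the client. The following is an added example, not code from the thread; the function names and the sample byte strings are constructed for illustration.

```python
# Added example: classify the first payload bytes seen on a port-443 connection.
SSH_PREFIX = b"SSH-"        # RFC 4253 identification string starts "SSH-"
TLS_HANDSHAKE = 0x16        # TLS record content type: handshake
TLS_CLIENT_HELLO = 0x01     # handshake message type: ClientHello


def classify_first_bytes(data: bytes) -> str:
    """Return 'ssh', 'tls', 'incomplete' or 'unknown' for one peer's first bytes."""
    if not data:
        return "incomplete"
    if len(data) < len(SSH_PREFIX) and SSH_PREFIX.startswith(data):
        return "incomplete"             # could still become "SSH-"
    if data.startswith(SSH_PREFIX):
        return "ssh"
    if data[0] == TLS_HANDSHAKE:
        if len(data) < 6:
            return "incomplete"         # record header not complete yet
        # Record layout: type(1) version(2) length(2), then handshake type(1)
        if data[1] == 0x03 and data[5] == TLS_CLIENT_HELLO:
            return "tls"
    return "unknown"


def verdict(first_speaker: str, first_bytes: bytes) -> str:
    """first_speaker is 'client' or 'server': whichever side sent payload first."""
    kind = classify_first_bytes(first_bytes)
    if kind == "ssh":
        return "ssh-on-443"
    if kind == "incomplete":
        return "need-more-data"
    if kind == "tls" and first_speaker == "client":
        return "tls"
    return "other"


# Constructed sample streams (not captured traffic)
SAMPLES = [
    ("client", bytes.fromhex("1603010200010001fc0303")),   # TLS ClientHello start
    ("server", b"SSH-2.0-OpenSSH_4.2\r\n"),                # sshd banner
    ("client", b"GET / HTTP/1.1\r\n"),                     # plain HTTP
    ("server", b"SS"),                                     # partial read
]

if __name__ == "__main__":
    for speaker, data in SAMPLES:
        print(speaker, data[:12], "->", verdict(speaker, data))
```

The check only sees what is in the clear on the tunnelled stream; SSH carried inside a real TLS session would classify as "tls".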