Port Forwarding

brad.mugleston at comcast.net brad.mugleston at comcast.net
Tue Nov 2 01:15:55 UTC 2004 

Please see below.

On Mon, 1 Nov 2004, Rick Stevens wrote:

> brad.mugleston at comcast.net wrote:
> > Gentlemen,
> > 
> > I read the page on SSH (http://rhil.net/docs/ssh_setup.html) and 
> > want to clarify some things
> > 
> > I have three IP's I'm using/seeing
> > 
> > the IP of the Modem (24.X.X.X)
> > the IP of the Linksys switch (196.X.X.X)
> > the IP of the computer (196.X.X.X)
> 
> Uh, you mean the Linksys and computer are on 192.168.x.x.  Odds are
> the Linksys is 192.168.1.1 and your computer is something like
> 192.168.1.10.  It's OK to publish the 192.168 addresses, Brad, as they
> ain't routable.
> 
> > I'm thinking the command my son is to use for SSH is "ssh 
> > 24.X.X.X"
> 
> Yup.
> 
> > I need to forward TCP Port 22 on the switch to the IP of the 
> > computer.
> 
> Yup.  Let's say that the computer is 192.168.1.10 and the switch/router
> is 192.168.1.1.  You want to get onto the router and tell it that
> "WAN (public) access to port 22 is to be forwarded to port 22 on
> 192.168.1.10".  This is also why you want to set up your local machine
> to have a fixed address and not get one via DHCP--if your machine gets
> a different IP, the forwarding won't work.
> 
> > I'm guessing his signal will come to the Modem which will forward 
> > everything to the Linksys switch.  The switch will see something 
> > coming in on Port 22 and forward it to the computer also running 
> > SSH (or PUTTY) which will handle the login and then do nothing.
> 
> Yes.  Actually, the router will NAT incoming port 22 traffic, changing
> the destination IP to 192.168.1.10.  Conversely, the source IP of
> outgoing traffic from 192.168.1.10 will be NATted to 24.x.x.x.
> 
> > Then he runs RealVNC to see the remote  screen on his local 
> > computer and he can do as he wants from there.
> 
> You got it.
> 
> > I suspect some of the things he will want to do are:
> > 
> > check remote  email
> > pull up old reports he written for other classes (this remote 
> > machine was his school computer prior to his new notebook this 
> > year)
> > Print these reports  - will he be able to print locally or only 
> > remote at my house?
> 
> Everything he does on the desktop will be actually performed at your
> house--all he has is a remote display.
> 
> > Down load files from home to school.
> > 
> > Based on the VPN conncetion I have from home to work I don't 
> > think he will be able to do the last two (at least I can't with 
> > my work computer).
> 
> Well, he'll be able to download using sftp.  Remember, the RealVNC just
> makes the desktop appear on his local machine.  Any file activitity
> actually occurs on your machine at home.  If he wants to move files from
> your place to his, he needs to run sftp.
> ----------------------------------------------------------------------
> - Rick Stevens, Senior Systems Engineer     rstevens at vitalstream.com -
> - VitalStream, Inc.                       http://www.vitalstream.com -
> -                                                                    -
> -   "I was remembering the immortal words of Socrates when he said,  -
> -   'I drank what?'"                 -- Val Kilmer in "Real Genius"  -
> ----------------------------------------------------------------------
> 

Thanks Rick, I knew I got carried away with the X's but they are 
eaiser to type than a number 8^)

Next question (my son, Derek, hasn't had the time to try to log 
in - school, girls, work, girls, etc) From home I can VNP into 
work then just use my Remote viewer to look at any computer I 
want.  We have 5 computers networked here at home is it possible 
to have him hit any of those without me having to change the 
Linksys forwarding?

Thanks again,

Brad

More information about the Redhat-install-list mailing list