[NBLUG/talk] Any simple mechanism to control devices behind firewalls without port forwarding?

Eric Eisenhart eric at nblug.org
Fri Feb 13 08:36:44 PST 2015


Omar,

Ssh can run tunnels, both specific (port forward) and generic (SOCKS proxy).

On Fri Feb 13 2015 at 6:25:19 AM Omar Eljumaily <omar at omnicode.com> wrote:

> Thanks Robert.  The device doesn't support running processes on it.  My
> understanding of ssh is that it can run shell based processes, but not
> generic tunnels.  pptp or ipsec would work, but that would involve
> modifying the host firewall in a way that his more complex than then
> port forward.
>
> Thanks,
>
> Omar
>
>
> On 2/12/2015 4:26 PM, Robert P. Thille wrote:
> > On 02/12/2015 01:57 PM, Omar Eljumaily wrote:
> >> I have to put a device behind a firewall, and they don't know how to do
> a port forward at the site.  I don't think they want me to mess with their
> firewall
> >> either.  The device supports SNMP apparently.
> >>
> >> I was thinking that I could rig something up where I put in an
> intermediary device on their network that sends messages out every minute
> or so talking to a
> >> server that will relay messages back to the device.  Once I get a hit
> at the server, the messages can go faster than once a minute.
> >>
> >> Is there anything that does this already?  It seems like it would be
> handy since there are an increasing amount of monitoring devices that
> people want
> >> installed and controlled, and I don't think people want to punch a hole
> in their firewalls for each device.
> > You could have a process on the device behind the firewall which
> periodically checks for messages at a queue outside the firewall.
> >
> > Or, if the device doesn't allow that, you can use the 3rd device idea.
> But you could use an SSH tunnel instead of what you described and have
> basically full
> > network access to the device.
> >
> > Robert
> >
>
> _______________________________________________
> talk mailing list
> talk at nblug.org
> http://nblug.org/cgi-bin/mailman/listinfo/talk
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nblug.org/pipermail/talk/attachments/20150213/5c6ad933/attachment.html>


More information about the talk mailing list