[NBLUG/talk] Any simple mechanism to control devices behind firewalls without port forwarding?

Omar Eljumaily omar at omnicode.com
Fri Feb 13 06:25:04 PST 2015


Thanks Robert.  The device doesn't support running processes on it.  My 
understanding of ssh is that it can run shell based processes, but not 
generic tunnels.  pptp or ipsec would work, but that would involve 
modifying the host firewall in a way that his more complex than then 
port forward.

Thanks,

Omar


On 2/12/2015 4:26 PM, Robert P. Thille wrote:
> On 02/12/2015 01:57 PM, Omar Eljumaily wrote:
>> I have to put a device behind a firewall, and they don't know how to do a port forward at the site.  I don't think they want me to mess with their firewall
>> either.  The device supports SNMP apparently.
>>
>> I was thinking that I could rig something up where I put in an intermediary device on their network that sends messages out every minute or so talking to a
>> server that will relay messages back to the device.  Once I get a hit at the server, the messages can go faster than once a minute.
>>
>> Is there anything that does this already?  It seems like it would be handy since there are an increasing amount of monitoring devices that people want
>> installed and controlled, and I don't think people want to punch a hole in their firewalls for each device.
> You could have a process on the device behind the firewall which periodically checks for messages at a queue outside the firewall.
>
> Or, if the device doesn't allow that, you can use the 3rd device idea. But you could use an SSH tunnel instead of what you described and have basically full
> network access to the device.
>
> Robert
>



More information about the talk mailing list