Jerome R. Westrick wrote:
Hello Tage...
You didn't mention why you wanted to do this, but port since 3389 is the "RDP" port I assume you want RDP access to your WINDOWS 2003 machine from the internet.
You didnot mention any type of securtiy you have in place.
So Assuming you want what I do all the time, namely secure remote access to machines in your network, I offer the follwoing solution:
I use SSH for secure remote access. I use it ssh tunnels to build secure (encrypted) access to my local network.
I use something like the following:
ssh -L 3390:10.0.0.241:3389 jerry@machine.XXX.com This connects to the ssh server on machine.XXX.com (In your case the SUSE server at 10.0.0.240)
asks you for your username and password. then setups the following secure tunnel: entrance in tcp:3390 on the local machine. ie each package sent to 3390 on the local machine is encrypted and forwarded to 10.10.10.240, where it is decrypted, and sent (in the open) to 10.10.10.241:3389
This method works fine for RDP and many other applications. It does not require that you mess with the firewalls Has added value of security and is easy to setup.
Additionally, SSH also offers a file transfer protocol, so you can get secure access to the files on 10.10.10.240.
The only disadvantage is that Windows does not come with an SSH client, so that you will have download an install one.
The Defacto standard is "Putty". And the one almost every one uses. While you are connected to the internet you should also download winscp3 which will give you access to the files on 10.10.10.240
Well a big explanation based on a whole bunch of assumptions... If you decide to go this way, I can help give you some tips on improving the default SUSE SSH configuration for type access...
Jerry
On Wednesday 16 May 2007 07:27, Darryl Gregorash wrote:
On 2007-05-15 22:38, Tage Danielsen wrote:
<snip>
The adress 10.10.10.240 is the server adress, and I have a Cisco router on 10.10.10.1 the router has a public adress, and it map another public adress to my server. So the server is acting as it's own firewall, because the router is mapping the public adress to the server and send all traffic to this.
Just set the router to map 0/0:3389 to the Win2003 server. It's probably far more complicated and much more difficult to map everything to the SuSE server, then have it remap this one port to the Win server. It would also require the Win server to send traffic from this port (only) back through the SuSE server, while everything else is sent directly to the router.
-- Moral indignation is jealousy with a halo. -- HG Wells
Hello, - Thanks to Jerry, it sound like a good solution, but can the windows client easy connect to the server?
You see, I have a internet connection with 8 ekstra IP's and each of this IP is mapped down to a privat IP, and I feel that it is not a good idea to give the windows server a public IP where all port service is open. My cisco router is routing all port service down to my servers, I am using Suse server now for 6 years that way, and have no problem with this, but I am afraid forthe windows server, that is the reason for to route just rdp servise fromone of my linux server to the windows server. I am unable to make that fix in the router, that is the whole IP or nothing. If I can use Jerrys suggest i like to try this, but it have to bee easy for the windows users to use rdp. Next what do I have to do? Regards Tage -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org