Dynamic dns question
-
The "blue i circle" icon means logging is enabled for that rule.
-
Your NAT and FW entries are correct.
Is your http server on another network (DMZ)?
I tried to connect to your server on port 80 from your external address (-) and it seems like it's trying to pass packets, and by that I mean it doesn't take forever to time out, it just drops. So it makes me wonder if -*****- is reachable and if it has a firewall enabled that is dropping traffic. Also, out of curiosity, what is the blue info icon next to your FW entries?
I can connect to my home server remotely by going to the site --, but I can't figure out how to go to -**- to point to my router, since I only have 1 external address which both -- and -- are pointed to. The blue info icons are for logging, though I'm not sure how to access them.
-
I'm not sure why you are confused. parman.dyndns.org points to 68.103.185.3 and parman.homeserver.com points to 68.103.185.3.
https is working correctly. Are you trying to say you want a different port besides 443 to be redirected to another internal address? You can have as many public DNS records as you want, but if your ISP only gave you one public IP then you will only be able to use a port pinhole once per internal IP.
Both DNS records do point towards your router, but your router is forwarding the traffic based on your NAT and FW entries. Just pick another port to use to access your router *by the way this is a really bad idea -
Yeah, I figured it was a terrible idea. I really need more than one IP from my ISP. So then why am I not able to connect IPsec VPN remotely? I'm told the port forwarding is correct.
-
I don't have an answer for IPSEC, however may I suggest something easier?
If all you're looking at is remotely managing your router then SSH might be the perfect solution. Also, if you needed to remote desktop into one of your home computers you could easily set up tunneling with ssh. -
Maybe you could point me in the right direction for remote SSH. I know the concept but I'm not 100% sure how it works when you're not on the local network. I also want to be able to access and open my files on my server remotely. I used to use a PPTP VPN from my home server and it worked great.
-
Sure.
Set up SSH on a server or the pfSense box. Change the default port to something other than 22. I also recommend certificate based authentication only, but if you use passwords make sure they are strong.
Use a client like PuTTY to set up the connection. Use your DynDNS record. Set up tunneling. (http://oldsite.precedence.co.uk/nc/putty.html for more info)
For example, I want to connect to an RDP session within the SSH tunnel. My source port could be 555 while destination is 192.168.1.100:3389 Remote.
SSH in to your network. Now open Remote Desktop Client and connect to 127.0.0.1:555. Perfect. (Same concept with other resource access)
SSH only requires a single TCP connection, which is really FW friendly. If you are only going to be accessing a limited amount of resources then I highly recommend SSH over using a VPN. SSH does require attention to security however. Just like any other remote service, always watch the logs. Install Denyhosts to help protect. Change your default port and enforce certificate authentication.
I use SSH to remote desktop, x-fer files, access the web *so much more secure this way when on the road*, maintain my websites, access email, and more. A VPN would be kind of overkill for just one person and a hassle just to set up.
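The advice above to watch the SSH logs, as an added example that is not part of the original post: a Python script that counts failed password attempts per source address in OpenSSH-style log lines. The sample lines are constructed, and the function names and the threshold are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample lines in the usual OpenSSH syslog style (not from the thread).
SAMPLE_LOG = """\
Mar  3 10:15:01 fw sshd[2101]: Failed password for root from 203.0.113.7 port 51122 ssh2
Mar  3 10:15:04 fw sshd[2101]: Failed password for invalid user admin from 203.0.113.7 port 51130 ssh2
Mar  3 10:15:09 fw sshd[2104]: Failed password for invalid user test from 203.0.113.7 port 51144 ssh2
Mar  3 10:16:30 fw sshd[2110]: Failed password for alice from 198.51.100.20 port 40022 ssh2
Mar  3 10:16:41 fw sshd[2110]: Accepted publickey for alice from 198.51.100.20 port 40022 ssh2
Mar  3 10:17:02 fw cron[2200]: (root) CMD (run-parts /etc/cron.hourly)
"""

# Matches both known and unknown ("invalid user") account names.
FAILED = re.compile(
    r"sshd\[\d+\]: Failed password for (?:invalid user )?(\S+) from (\S+) port \d+"
)


def failed_logins(lines):
    """Map source address -> {"count": n, "users": set of usernames tried}."""
    stats = defaultdict(lambda: {"count": 0, "users": set()})
    for line in lines:
        m = FAILED.search(line)
        if m:
            user, source = m.groups()
            stats[source]["count"] += 1
            stats[source]["users"].add(user)
    return dict(stats)


def sources_over(lines, threshold=3):
    """Sources with at least `threshold` failures, busiest first."""
    stats = failed_logins(lines)
    hits = [(src, s["count"]) for src, s in stats.items() if s["count"] >= threshold]
    return sorted(hits, key=lambda item: (-item[1], item[0]))


if __name__ == "__main__":
    for source, count in sources_over(SAMPLE_LOG.splitlines()):
        print(f"{source}: {count} failed logins")
```

A single failure followed by an accepted login from the same address, as in the last sshd lines of the sample, stays below the threshold and is not reported.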
-
Thanks man! It actually worked the first time. You have taught me a lot and I'm greatly appreciative. How do you manage to access files and do remote desktops? FYI most of this stuff I do on my iPhone/laptop, but 99% is iPhone.
FYI I have never really understood ssh.
Is this where you do the remote desktop and stuff?
* In the 'Destination' box (see Figure 3) enter the address followed by a colon and the port number that you wish the NetManager to forward requests to (use localhost if you want to refer to the NetManager itself). For example, to access the NetManager's web pages you would enter 'localhost:80' or to access a Citrix server you might enter 'appserver:1494'. A list of useful ports are shown in the table below:

Port No.  Service
25        SMTP Mail
80        Apache Web Server
110       POP3 Mail Server
143       IMAP Mail Server
880       NetManager web based administration pages
1494      Citrix ICA
3389      Microsoft RDP

* Once you have entered the source port and destination details you must click the 'Add' button.
* You may add as many source and destination details as you want. Remember to click the 'Add' button each time.
* Click on 'Open'. This will open a Window and ask you to log on to your server. Log on as 'ncadmin' or any other interactive user. If the window closes straight away when you type in the password, the account is not interactive. Use the NetManager web-based administration pages to modify the user account, so that they have an interactive account.
* Once you have logged on, the tunnelled connection will be live.
* When configuring your client software (e.g. web-browser or email package), always enter localhost (i.e. the local computer) as the remote address instead of the IP address of your NetManager. If you do not do this, the computer will connect as normal instead of over the ssh tunnel. For example, if you have configured your source port to be '8000' and the destination to be 'localhost:80', you will be able to access the web pages served by your NetManager from a web browser on your local machine by using the URL 'http://localhost:8000/'. Similarly, if you have specified the source port as '1494' and the destination as 'appserver:1494', you will be able to configure the Citrix ICA client to connect to 'localhost'. The NetManager at the other end of the ssh tunnel will forward the traffic to machine 'appserver' on the remote network. -
Yes.
As an example, let's say your desktop IP is 192.168.1.100 and it runs Microsoft Remote Desktop which listens on port 3389. You want to remote desktop to this PC with SSH from an external network such as work.
In PuTTY expand 'ssh' and then 'tunnels'. You would add the following settings for the above example,
Source Port: 555
Destination: 192.168.1.100:3389
Select radio option 'Remote' and 'Auto'
When you successfully log into your SSH server, open up Remote Desktop client and connect to 127.0.0.1:555
Now you have a completely secure and encrypted VPN connection to remote desktop. You can do the same with FTP, email, web, and so much more. SSH is a VPN solution but with a lot less hassle.
(Note: You don't have to use port 555 every time. This is just an easy port to remember, but you don't want to use the same port number twice or it won't work)
It's a lot of fun when you start playing around, and it is really powerful. Just don't forget to watch your SSH logs for hacking attempts. By changing the default port from 22 to something like 222 you can greatly reduce the amount of attacks on your SSH server.
-
Thanks, trying it out now. The first thing I did was change the default port for ssh. ;D
-
Do I need to set anything up in my firewall?
I will walk you through it, as I did:
opened up putty
entered ssh information
Source port: 555
destination: 172.30.1.101:3389
clicked add
shows up: R555 172.30.1.101:3389
click connect
log in
so i get here.
Now if I open up Remote Desktop Connection (in Windows, if you didn't know), enter 127.0.0.1:555 and connect, I get this error:
This computer can't connect to the remote computer.
try connecting again. if the problem continues, contact owner…./
-
Can you remote desktop to this PC within your network from another computer? Check firewall settings. Your SSH Tunneling settings are correct.
-
On my local network I can, since it doesn't even have a screen. Could the firewall setting on my work network block it?
-
Since you SSH'd in then it's safe to say that you will be able to remote desktop. Just check your SSH settings. You must have missed something.
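
For checking the tunnel settings discussed in this thread, an added example that is not part of the original posts: it interprets a PuTTY forwarded-port entry such as the `R555 172.30.1.101:3389` shown above, gives the equivalent OpenSSH option, and tests whether the source port is actually listening on the client. The function names are hypothetical, and the entry format is assumed to be the one quoted in the thread.

```python
import re
import socket

# PuTTY lists each forwarding as <type><source port> <host>:<port>,
# where L = Local and R = Remote (format as quoted in the thread).
ENTRY = re.compile(r"^([LR])(\d{1,5})\s+(\S+):(\d{1,5})$")


def explain_forward(entry):
    """Describe where a forwarding listens and who opens the final connection."""
    m = ENTRY.match(entry.strip())
    if not m:
        raise ValueError(f"not an L/R forwarding entry: {entry!r}")
    kind, src, host, port = m.group(1), int(m.group(2)), m.group(3), int(m.group(4))
    local = kind == "L"
    return {
        # OpenSSH uses the same letters: ssh -L / ssh -R port:host:hostport
        "openssh_flag": f"-{kind} {src}:{host}:{port}",
        # Local: the client listens on src. Remote: the SSH server listens on src.
        "listener_side": "client" if local else "server",
        # The side that then connects out to host:port.
        "connects_from": "server" if local else "client",
        # Only a Local forward gives the client a 127.0.0.1:<src> to connect to.
        "reachable_at_client_loopback": local,
    }


def port_is_listening(port, host="127.0.0.1", timeout=1.0):
    """True if something accepts TCP connections on host:port."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


if __name__ == "__main__":
    for entry in ("R555 172.30.1.101:3389", "L555 172.30.1.101:3389"):
        print(entry, "->", explain_forward(entry))
    # Run on the client while the SSH session is open.
    print("127.0.0.1:555 listening:", port_is_listening(555))
```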