pfSense behind 4g router
-
I come back to you after testing a lot of things.
I tested the reverse ssh and it works exactly as I described in my first post myPublicIP: myPort
I installed on my VPS a Debian distribution and I initiate a tunnel with the command: ssh -R remote_port: host: localport your_username @ IP address of the server.
Is it possible to do the same thing in pfSense? -
Yes: https://www.freebsd.org/cgi/man.cgi?query=ssh
But you should use a VPN for this really.
Steve
-
Thanks for this !!!
But no package for that ? -
For SSH? It's included by default, client and server.
-
Really !!!
And it's where ?? -
@Gérald said in pfSense behind 4g router:
Really !!!
And it's where ??SSH is built in to pfSense, or rather the FreeBSD it runs on. If you're running Linux, it's also built in, but you need something like Putty on Windows.
-
I know that SSH is integrated with freeBSD.
I use it this way to access my servers.
But it seems that there is no interface in pfSense to make SSH tunnel creation more user frendly -
@stephenw10 said in pfSense behind 4g router:
...you should use a VPN for this really.
But I'm not sure what you expect to see here for SSH. Once it's enabled in System > Advanced > Admin Access you can tunnel stuff to it or use it as a proxy, which I generally prefer.
Steve
-
@Gérald said in pfSense behind 4g router:
But it seems that there is no interface in pfSense to make SSH tunnel creation more user frendly
????
You don't need a tunnel for SSH. It's encrypted on it's own.
-
Looks like he's trying to setup this sort of tunnel:
https://www.ssh.com/ssh/tunneling/example#sec-Remote-Forwarding -
@stephenw10 said in pfSense behind 4g router:
Looks like he's trying to setup this sort of tunnel:
https://www.ssh.com/ssh/tunneling/example#sec-Remote-ForwardingThat's exactly it, as previously stated ...
-
Ok, so it's exactly the same as it would be for Debian. What do you expect to see in a 'package' for this?
Steve
-
Thanks for your interest !
I would like a package that would allow me to set up SSH tunnels quickly between my LAN and my VPS
To be able to control their states and an automatic reconnection (autossh) in case of disconnection. -
Hmm, I see. So maybe something like the port forward setup page but including configuring the actual SSH connections?
I've never seen anything like that offered on any firewall to be honest. Really this is exactly where you would usually just use a VPN. Is there some reason you don't want to use a VPN?
Steve
-
Wo not have to install clients on external devices
-
Well normally you would setup a site-to-site VPN and client can then connect across it directly. No need to install VPN clients on the hosts behind the firewall. Unless I'm missing something...
-
@Gérald said in pfSense behind 4g router:
Wo not have to install clients on external devices
If the clients are running Windows, you'd still have to install something like Putty.
-
@JKnott said in pfSense behind 4g router:
@Gérald said in pfSense behind 4g router:
Wo not have to install clients on external devices
If the clients are running Windows, you'd still have to install something like Putty.
No, on Windows or Android, with the reverse SSH solution, just use myPublicIP: myPort in the app to connect to the LAN
-
@Gérald said in pfSense behind 4g router:
No, on Windows or Android, with the reverse SSH solution, just use myPublicIP: myPort in the app to connect to the LAN
What are you running on Windows or Android to allow that to happen?
-
You don't need to run anything in the client. The SSH tunnel sets up a 'port forward' of sorts so that when you access the local host on the specified port that is forwarded to the remote SSH server at whatever port you specified when you created it.
I can see how that might be useful for numerous distributed remote hosts. If all the remote devices are behind one firewall though a site-to-site VPN makes far more sense there. You could then just access the remote devices directly.
Steve