pfSense behind 4g router
-
Well normally you would setup a site-to-site VPN and client can then connect across it directly. No need to install VPN clients on the hosts behind the firewall. Unless I'm missing something...
-
@Gérald said in pfSense behind 4g router:
Wo not have to install clients on external devices
If the clients are running Windows, you'd still have to install something like Putty.
-
@JKnott said in pfSense behind 4g router:
@Gérald said in pfSense behind 4g router:
Wo not have to install clients on external devices
If the clients are running Windows, you'd still have to install something like Putty.
No, on Windows or Android, with the reverse SSH solution, just use myPublicIP: myPort in the app to connect to the LAN
-
@Gérald said in pfSense behind 4g router:
No, on Windows or Android, with the reverse SSH solution, just use myPublicIP: myPort in the app to connect to the LAN
What are you running on Windows or Android to allow that to happen?
-
You don't need to run anything in the client. The SSH tunnel sets up a 'port forward' of sorts so that when you access the local host on the specified port that is forwarded to the remote SSH server at whatever port you specified when you created it.
I can see how that might be useful for numerous distributed remote hosts. If all the remote devices are behind one firewall though a site-to-site VPN makes far more sense there. You could then just access the remote devices directly.
Steve
-
@stephenw10 said in pfSense behind 4g router:
You don't need to run anything in the client. The SSH tunnel sets up a 'port forward' of sorts so that when you access the local host on the specified port that is forwarded to the remote SSH server at whatever port you specified when you created it.
You need client or server software at each end. Linux provides both. Putty can be used as the client on Windows. What provides the SSH service, client or server in that reverse tunnel?
-
I guess the OP is doing this in reverse but you can do it either way...
So I run on a local pfSense box:
[2.4.4-RELEASE][admin@5100.stevew.lan]/root: ssh -L 172.21.16.128:4343:127.0.0.1:443 someserver.example.org
Now any client behind pfSense can access 'someserver' at 172.21.16.128:4343 without any sort of ssh on the client itself.
In the reverse setup pfSense would be the server and clients connect to it with the server end listening for port to forward.
That seems to be what the OP is doing but in the reverse case all the setup is at the client so I'm not sure what help any gui page might be....
Steve
-
All the setup is on a local computer : ssh -R remote_port: host: localport VPS_username@VPS_IP_address
On the VPS, juste a simple linux distribution.
On the remote clients, i juste need to use VPS_PublicIP: remote_port in Android, Apple or Windows app -
Right so if you use pfSense instead of the local computer you use currently you could create a VPN to the VPS from it and forward ports across it. You would need something that can do port forwards in the VPS though I guess.
Steve
-
@stephenw10 said in pfSense behind 4g router:
Right so if you use pfSense instead of the local computer you use currently you could create a VPN to the VPS from it and forward ports across it.
Exactly.
Permit rapid tunnel creation, their activation / deactivation and the possibility to control their states and an automatic reconnection (autossh) in case of disconnection.It is a quick way for a webmaster to allow access to these self-hosted site under development to be tested by his client for example ...
The MobaSSHTunnel software under Windows does that perfectly!