Networking :: Allow A Port Redirection For Rdp Clients?
Jan 27, 2010
Ok, here goes, I have a rdp server sitting at a remote store which is behind a router I do not control.
I might be able to get the phone company to add routing to it but at the moment I'd like to do this with ssh and reverse port routing, because I might need this for other ports later and I never know if the phone company wont break other routings already in place or just screw up the entire thing .
I am able to have a linux box at the site ssh into a server located where I'm at and reverse port forward port 3389 to that server. I can also then ssh into that server from my linux box and port forward 3389 to my box, under another port since my 3389 is already in use. Finally I can use rdesktop to rdp on the my local box which bounces it through the server and back to the linux box which forwards it to the rdp server (A Windows 2008 server to be exact). This is all well and good and works reasonably fast, but, I need to be able to have users on windows boxes at my site do this without all of the rigmarole. I need to, I guess, redirect a normal open port, or create one, on the server where I am so that it connects internally to the reverse forwarded port or open the internal port to the outside. So I guess I need to make it a 'gateway' for that one port, this way all I have to do is point the rdp clients at the main server and port to have it eventually connect to the rdp server in the remote store.
how to go about doing it. I guess I need an iptables entry forwarding the port but I'm not sure what is should be.
The other option is opening up the port 3389 to the outside but I'm not sure how to do that either. Right now I have no iptables entries at all but even if I turn off iptables completely port 3389 is not available if I try to use it from another pc on the network but I can rdp from the server itself using the 3389 port so I know it's working internally.
There is this server where in I want to use port redirection using iptables. For port redirection I have used nat table with PREROUTING chain and REDIRECT option. Like:
Code: iptables -t nat -A PREROUTING -p tcp --dport pop3 -j REDIRECT --to-port 8110 It just does not work. I have tried to redirect other ports as well but nothing works.
I am using squid proxy server in my Linux machine for caching. Now i want run my squid in transparent mode not set proxy settings in browsers.Like squid is running port 3128. If we redirect the port 80 packets to port 3128, looping is occurred.How to avoid looping?
I'm have a base level understand of linux at this point. I have Debian box that I am trying to do some port redirection with.
I have my external NIC as eth0 with an IP of x.x.250.5. I have my internal NIC as eth1 with an IP of 192.168.1.1.
On the internal network I have a NAS box with a web interface at 192.168.1.100. What I need is to set it up so that a request to x.x.250.5:8080 will some how forward/redirect to the internal network NAS box at 192.168.1.100:80.
In SuSE firewall0. I do have a openSuse 11.4 and multiple IP addresses on eth0 interface
I run (trying to/have to) multiple TOMCAT servers.
I am trying to have each tomcat instance listen to on separate IP address for example:
What i am trying to do is to redirect
a) tomcat 1 -
a) tomcat 2 -
And so on.
I know that it has to be possible.
I do have just eth0/
Is is it possible. Do I have to create "vittual interfaces"? eth0:1, .......... and do redirection ?
"Server" has got just single interface - just 1 ethernet calbe goes to that server. I am planning to have 10-15 tomcat's on that server (I have to unfortunatley) and each has to run on port 80
Is it possible to "grant" permissions to normal users to run app on port 80 - that would solve me lots of problems if impossible to redirect.
I tried to setcap 'cap_net_bind_service=+ep' /path/to/tomcat ...... but no luck
i am running ncat (netcat's new version from nmap) on centos . I am listening on different ports. My question is , is it possible that when a connection is received on a port say 123, i redirect this connection to a different port and use the 123 port again for listening connections. ncat has an option -k which u can add with -l , it will force fully listen on the port. It can accept multiple connections on a single port but i want that once a client connects on to 123 port, he is forwarded to some other port and no longer on 123.
I'm running a server with Ubuntu 10.04 installed. I recently set up a VirtualHost (I'll call it my.website.com), like I have in the past without any problems. But this time, I'm stumped. When I connect to my.website.com, it should hit port 80, right? It doesn't; rather, it hits port 8000. I don't have any rewrites/redirections (I checked wherever possible) and checked apache2.conf (httpd.conf is empty).
I'm a NOOB setting up Postfix but managed quite well by following the Ubuntu Server guide. I have managed to set it up using SSL but testing a mail client like thunderbird I can also connect to port 25 using no authentication. Connecting using SSL on port 465 by editing "master.cf" file works but 25 i still open.
1. How do I prevent clients to connect to port 25 without authentication? 2. I guess I have to have port 25 open in order to receive mail from the outside world?
I want to do a simple port redirect, i.e. whatever comes trough whatever interface on port AAAA will get redirected to port BBBBI thought that iptables -t nat -I PREROUTING --source 0/0 --destination 0/0 -p tcp --dport AAAA -j REDIRECT --to-ports BBBBhowever it doesn't work, e.g. nc -v -w2 -z localhost AAAA gives:
nc: connect to localhost port AAAA (tcp) failed: Connection refused while nc -v -w2 -z localhost BBBB
I have been trying to achieve something through iptables but something is going wrong. I want connection/packets arriving to a specific computer (let's call it "server") from another specific computer ("client") inside the same network to be automatically redirected to a remote computer in the internet and vice-versa. I tried doing that using iptables with these commands on the "server" PC:
I'm currently setting up a squid proxy which will be installed on a debian system configured as a bridge eth0/eth1 as br0. The problem I'm having is that port 80 requests are being proxied both ways where I only want the requests coming in via eth1 to be proxied.
Is there a way to do this? I've already tried changing the "-i br0" in the iptables redirection to "-i eth1" but no data appears to go through it.
I have a machine with two network cards running linux mint 8 XFCE (which is compatable with Ubuntu Intrepid Ibex). eth0 gos out onto the network propper, has a static IP address of 10.10.10.10 and serves DHCP requests for the 10.10.10.x subnet.
eth1 is pluged into a PPPoE concentrator, and has a static address of 192.168.0.1 (I would have left it alone but pppoeconf wouldn't work unless it had an address).
ppp0 is the piont to piont over ethernet conection that is corectly created when I run pon. I have both guard dog and guide dog installed but they are both disabled.
Now, the weird part: I can ping the IP number of the machine at the other end of the pppoe conection (when it changes I can still ping the new number), the local IPs (10.10.10.x), but *nothing* else not even the DNS servers passed to the machine during ppp conection which are in the same sub net as the machine I can ping.
When I try to ping or trace the route I get an error message like: reply from 10.10.10.10: desination unreachable There is nothing wrong with the network at the other end, as I can make an Identical PPPoE connection from other machines on the network if the the concentrator is pluged into the hub (a rather unsafe place for it to be) and it all just falls into place.
What seems to be happening is that the machine is treating eth0 rather than ppp0 as the internet gateway, and passing the packets round in circles.
everything works fine. I can log in, and local port forwarding is done. Otherwise when I use the command:
ssh user@ssh_server -R 5500:localhost:5500 -p 22
I get an error "remote port forwarding failed for listen port 5500". However when I try remote port forwarding in WinXP by use of putty there is no problem...
I'm using a Debian servers, as router/firwall.. I've two ethernet interfaces into the server, one for wan and one for lan. The i use SNAT so my LAN clients can access the internet throgh the debian router. That is working... Now i want to be able to access servers on the LAN site from the WAN site, and i wanna use port address translation (PAT). I have a FTP server running on a lan server, so i'm trying to portward port 21.
When people try to access my FTP from the WAN site, they are redirected to the local FTP server, and they are promted for crendentials, but when the credentials are typed, and the local ftp server should answer the wan request, the connections dies.
The wan clients are being promted for credentials, so they are redirected to the local lan server, but after that the connections dies, so i think there is some kind of nat problem, when the local lan server is trying to respond to the wan request..
I make an application on GNU/Linux which listening on a MULTICAST stream, so I open my unconnected socket, bind it on a MULTICAST address and a port, join the multicast group with the "setsockopt (IP_ADD_MEMBERSHIP)", then I receive datagram on my socket.
Now I've two different instances of the same application that run with their own MULTICAST address and port. And what I found strange is that, after a misconfiguration, I switch the ports, for example:
Emitting on 225.0.0.1/23451 and 225.0.0.2/23452 Receiving on 225.0.0.1/23452 and 225.0.0.2/23451
And my receiving part doesn't care about the MULTICAST address, it looks like the socket is listening on the port number only! I mean that the receiver [225.0.0.1/23452] take its datagrams from emitter [225.0.0.2/23452] and vice-versa!
I have a mail server on which I would like to block port 25 on my eth0 for everyone except our external spam filter. the problem is that I want our users to be able to connect via port 10025 which is forwarded to port 25, which then is blocked...
what should I add/change to set up port forwarding of port 1000 to ip 192.168.1.200. also how to get the answer sent by 192.168.1.200 follow the same route used by the data received through port forwarding.
i have an embbeded hardware that uses bootp for booting from a Network Managemnt Host (NMH)on the same ethernet. The embedded hardware has both kind of ports i.e ethernet as well as E1/T1. I would like ask, what do i require to establish a communication-link between the embedded hardware and the NMH throuh E1/T1 ports of embedded hardware, so as to make it boot through from E1/T1. Further, NMH possesses only ethernet port. Just to refine my questions i'd like to know what additions do i need to do on my NMH , like may be i have to put an E1/T1 port or is it possible that the E1/T1 port can be directly connected to an ethernet port on the other host.
pardon me if i am not making absolute sense here as my knowledge is limited on Layer 1 and layer 2.
how to access networking port and run scripts on that port so as to gain access of remote machine.is that possible through command prompt or through software.
i kno ip address of my frnd who is chattin with me .okay.i want to run an application on his computer .i came to kno tht we can run script o through port
This seems to be a catch-all "... we didn't resolve your link request so we are sending you here ..." page. It lists various candidate links as alternatives to the link I was seeking. Strangly, the page often lists the exact same link that I sought in the first place. I can understand the occasional DNS lookup failure due to heavy net traffic, heavy demand for the target name serverheavy demand for a specific site link, and so on. Sadly, this happens to me at least daily and often several times every day. That hardly qualifies as "occassional" under any reasonable definition.I am in Austin, Texas -- supposedly one of the US "very wired" cities.Can anyone shed light on this happening?Is there anything that I might be doing to provoke this happening?Is Time Warner DNS in general or Austin in specific just that bad?I've tried brief experiments with other DNS servers, but they each presented their own troubles. I suspect a loose nut in the net-admin chair
I installed ZTE MF 626 modem in my F10 with kernel 2.6.27.12-170, i run usb_modeswitch and so far things happened normally. Watching through /var/log/messages it says that F10 detects two port device for this modem: ttyUSB1 and ttyUSB2, and in the sequence it disable port ttyUSB1 BUT Network Manager still set this port.I mean, when i connect via wvdial appointing to ttyUSB2 i get connection, but Network Manager fails to do it appointing to ttyUSB1. How to change device port in Network Manager?
I need to set up a VPN between 2 clients but don't have the foggiest idea where to start. I have searched the internet in vain, I have yet to discover the steps I need to take.
I have a client in Pittsburgh that has a Mac server and a Linux (RHEL) server on a LAN. They have a Netgear FVS 318v3 router on which they had a VPN running. They could do this because they had the router configured for IP-SEC and they only had Mac laptops as clients. I'm told Mac laptops can be configured to connect to IP-SEC VPNs, but Linux (I have Ubuntu) clients cannot.
I'm told that we need an PPTP VPN, and that the Netgear can not act as an endpoint, but can pass PPTP traffic to one of the servers if we set them up as a PPTP server.
We hired two different network consultants to set up the VPN, but neither one is able to set up a VPN to allow both the Mac and Linux laptops to connect.
Why is this so difficult? Lots of companies have VPNs that allow any client to connect.
Would it be better for us to purchase a different router that can act as a PPTP endpoint?
Do I want the router to act as a PPTP endpoint, or would it be better for me to use the Netgear and set up a PPTP service on one of the servers? Or, is there some better solution?
I'll state the issue and then give whatever extra details are needed. I'm running Ubuntu 10.xThe Linux box is connected to a router via ethernet. That Linksys router is bridged to an AT&T router.The bridging is working fine. The AT&T router's page shows the IP of the Linux box and lists it as a device. The Linksys page shows no errors with packet transmission and receipt. I can ping the Linux box from any client on the AT&T router, and can ping the AT&T clients from the Linux boxI had set the IP of the Linux box to192.168.1.201 while configuring that router, as I had set that router to 192.168.1.200 and it just seemed orderly.The network preferences show eth0 being set to auto dhcp, but the IP is still set to .201 so I don't know that it actually released or renewed.
Were seeing very strange problems related to Alteon and linux clients. We got an Alteon Application Switch 2208(Version 22.0.2) balancing traffic for http, https and ldap. Everything works fine when using windows(iexplorer) or RHEL 5.3 clients, as wget, firefox, or direct telnel to por 80 or 389. But we got some linux machines, a CENTOS 5.5 for example, that can�t make it to work. No special configuration, no different vlans or subnets. It just stay waiting for the response:
