Re: port forwading problem

From: Andrew Schulman (andrex_at_deadspam.com)
Date: 09/17/04

Next message: Richard E. Silverman: "Re: port forwading problem"
Previous message: chris AT devidal DOT tv: "Disable the server's login banner for a user"
In reply to: Michael Surette: "port forwading problem"
Next in thread: Richard E. Silverman: "Re: port forwading problem"
Reply: Richard E. Silverman: "Re: port forwading problem"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 17 Sep 2004 11:00:25 -0400

> I have three computers: S, C, F
> S is a server for a database package on port 12345
> C is a client
> F is a forwarding machine which connects to the Internet
>
> All three are running Linux with openssh v 3.9p1
>
> F has port forwarding enabled with the following two lines in sshd_config
> AllowTcpForwarding yes
> GatewayPorts yes
>
> On C I run ssh -N -g -L 12345:S:12345 user@F
>
> When I run on C 'telnet localhost 12345' I get an error message in the
> window where I started the port forwarding that says
> 'administratively prohibited: open failed'
> In the logs of F I get
> 'sshd[8025]: error: connect_to S: unknown host (Name or service not known)'
>
> I can logon to the package by doing 'telnet S 12345' from either C or F
> without a problem, but I want to forward through F so external users can
> access this service.
>
> Any hints, pointers, suggestions, or perhaps even a solution?

- crank up the debug level on the ssh client and/or server, and see if
you can get more details.

- "unknown host" = DNS or firewall problem on F? Can you successfully
'telnet S 12345' from a shell session on F?

- use netstat -an | grep 12345 on C before and after starting ssh, to be
sure the port forwarding succeeded.

Good luck,
A.

-- 
To reply by email, change "deadspam.com" to "alumni.utexas.net"

Next message: Richard E. Silverman: "Re: port forwading problem"
Previous message: chris AT devidal DOT tv: "Disable the server's login banner for a user"
In reply to: Michael Surette: "port forwading problem"
Next in thread: Richard E. Silverman: "Re: port forwading problem"
Reply: Richard E. Silverman: "Re: port forwading problem"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: Unable to print to networked printer - get access denied messa
... Check the permissions on the server assuming the client has a true RPC ... How is the Standard TCP/IP port configured for the device? ...
(microsoft.public.windowsxp.print_fax)
Re: interfaces lo:1 lo:2 lo:3? (for remote ssh tunnels)
... That's the problem tunneling (port forwarding) solves. ... >>can't get past the client firewall. ... > I don't understand why the server would be making the ... server initiates another connection to the client -- in this ...
(Debian-User)
Re: Remote Connection Issue
... through port number 3389 and a workstation on the LAN through port number ... I understand that you want to allow a LAN client ... and you have configured server publishing rule ... > By default Terminal Server and Windows 2000 Terminal Services uses TCP ...
(microsoft.public.windows.server.sbs)
Re: RealVNC
... Default listening port for RealVNC server that runs on the machine on which ... Then there is default Java listening port on port 5800 on the client machine ...
(microsoft.public.windows.server.sbs)
Re: Redirecting data sent to a local printer to another host and port on the network
... All client workstations have access to the ... simply redirecting netcat traffic on port 9100 to port 515 on ... Only LPR clients talk to LPD print server daemons. ... >workstation at the branch site where the print job originated. ...
(comp.unix.sco.misc)