This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Multiple machines on one service...?

I'm wondering if it's possible to have two (or more) machines on my LAN that are running ssh on port 22, but depending on the outside requested port, forward it to a certain machine. e.g.

wan request:22000 -> lenore:22
wan request:22001 -> hopfrog:22
wan request:22002 -> fortunado:22
wan request:22 -> montressor:22 (astaro)

Is this the way to go about it, or is there another (better?) solution?

This thread was automatically locked due to age.

0 AJo over 21 years ago

It's possible.
For each internal machine, DNAT incoming connections to the ASL external interface address[:P]ort (22000) to the internal machine and do a PAT as well (translate the port 22000 => 22).

Of course you will need to set up responding SNAT or MASQ rules and Packet filter rules.

If this is the best way? well regarding security I recon setting up a VPN would be better but perhaps not the most flexible sollution if there a many users who shall log in or from shared computers.
Cancel
Vote Up 0 Vote Down

Cancel
0 VelvetFog over 21 years ago

Another solution would be to simply open a PPTP tunnel from the remote machine to the ASL box. Then you can run your SSH connections inside the VPN tunnel, directing them to whichever machine on the internal network that you wish to access.

That way there is no need to map a bunch of different SSH ports out through the firewall.
Cancel
Vote Up 0 Vote Down

Cancel