<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">Eric, thanks. I believe ssh tunnels
will work. I think I also need to use iptables for local
forwarding to and from the actual device from the ssh tunneling
machine. I don't know, though, because obviously I'm unfamiliar
with ssh tunneling.<br>
<br>
Thanks,<br>
<br>
Omar<br>
<br>
<br>
On 2/13/2015 8:36 AM, Eric Eisenhart wrote:<br>
</div>
<blockquote
cite="mid:CABVn7ind33=cUSjt-0DusDy+pkCQ6m+JhfGUj8HHLTwYis6exw@mail.gmail.com"
type="cite">
<div dir="ltr">Omar,<br>
<br>
Ssh can run tunnels, both specific (port forward) and generic
(SOCKS proxy).</div>
<br>
<div class="gmail_quote">On Fri Feb 13 2015 at 6:25:19 AM Omar
Eljumaily <<a moz-do-not-send="true"
href="mailto:omar@omnicode.com">omar@omnicode.com</a>>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">Thanks
Robert. The device doesn't support running processes on it.
My<br>
understanding of ssh is that it can run shell based processes,
but not<br>
generic tunnels. pptp or ipsec would work, but that would
involve<br>
modifying the host firewall in a way that his more complex
than then<br>
port forward.<br>
<br>
Thanks,<br>
<br>
Omar<br>
<br>
<br>
On 2/12/2015 4:26 PM, Robert P. Thille wrote:<br>
> On 02/12/2015 01:57 PM, Omar Eljumaily wrote:<br>
>> I have to put a device behind a firewall, and they
don't know how to do a port forward at the site. I don't
think they want me to mess with their firewall<br>
>> either. The device supports SNMP apparently.<br>
>><br>
>> I was thinking that I could rig something up where I
put in an intermediary device on their network that sends
messages out every minute or so talking to a<br>
>> server that will relay messages back to the device.
Once I get a hit at the server, the messages can go faster
than once a minute.<br>
>><br>
>> Is there anything that does this already? It seems
like it would be handy since there are an increasing amount of
monitoring devices that people want<br>
>> installed and controlled, and I don't think people
want to punch a hole in their firewalls for each device.<br>
> You could have a process on the device behind the
firewall which periodically checks for messages at a queue
outside the firewall.<br>
><br>
> Or, if the device doesn't allow that, you can use the 3rd
device idea. But you could use an SSH tunnel instead of what
you described and have basically full<br>
> network access to the device.<br>
><br>
> Robert<br>
><br>
<br>
_______________________________________________<br>
talk mailing list<br>
<a moz-do-not-send="true" href="mailto:talk@nblug.org"
target="_blank">talk@nblug.org</a><br>
<a moz-do-not-send="true"
href="http://nblug.org/cgi-bin/mailman/listinfo/talk"
target="_blank">http://nblug.org/cgi-bin/mailman/listinfo/talk</a><br>
</blockquote>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
talk mailing list
<a class="moz-txt-link-abbreviated" href="mailto:talk@nblug.org">talk@nblug.org</a>
<a class="moz-txt-link-freetext" href="http://nblug.org/cgi-bin/mailman/listinfo/talk">http://nblug.org/cgi-bin/mailman/listinfo/talk</a>
</pre>
</blockquote>
<br>
</body>
</html>