VMware vSphere

 View Only

  • 1.  Communications over SSH or SSL tunnel?

    Posted May 15, 2007 11:31 PM
    Hi all!

    I have a bunch of remote Windows servers on dynamic public ip's (cheapskate clients... don't ask!), and so am stuck on the sgent install fer these systems. I can setup port forwarding to 2144 from the router, but in 6 hours the public ip will change and then its bye-bye comms...

    Has anyone ever setup the agent/server to communicate over a ssh or ssl tunnel? I am thinking this will work but am stuck as to how to set it up!

    (BTW the server has a static public ip so all agent -> server comms are 100%)

    Any advice is much appreciated!


  • 2.  RE: Communications over SSH or SSL tunnel?

    Posted May 16, 2007 03:25 PM
    So why not use something like dyndns.org?


  • 3.  RE: Communications over SSH or SSL tunnel?

    Posted May 16, 2007 06:36 PM
    We wanted to try move away from relying on 3rd parties, as well as the problem of multiple servers (read: client pc's) behind the dynamic ip - and the management of these will then become an extra burden on us.

    I have now looked at Logmein Hamachi which may do it - it does rely on a 3rd party to setup the tunnel but once connected its direct. The technology that's behind it can't be that hard to replicate using openvpn or stunnel though?


  • 4.  RE: Communications over SSH or SSL tunnel?

    Posted May 17, 2007 06:10 PM
    I haven't done it on Windows but I have done similar on Linux. Create an
    stunnel or any similar dynamic ssh/ssl tunnel from client to server,
    specifically tunneling the desired port. Now, in my mind, here's the
    tricky part: to the server all of these machines will be at the localhost
    IP (127.0.0.1), so you will most likely need to tunnel BOTH ports (one
    each way).

    The other gotcha, of course, is that each client's "port" that the server
    talks to will have to be unique.

    John

    > We wanted to try move away from relying on 3rd parties, as well as the
    > problem of multiple servers (read: client pc's) behind the dynamic ip -
    > and the management of these will then become an extra burden on us.
    >
    > I have now looked at Logmein Hamachi which may do it - it does rely on a
    > 3rd party to setup the tunnel but once connected its direct. The
    > technology that's behind it can't be that hard to replicate using openvpn
    > or stunnel though?
    >






  • 5.  RE: Communications over SSH or SSL tunnel?

    Posted May 21, 2007 08:57 AM
    jduino - if I understand right

    client #1 -> stunnel:100001 ->internet -> stunnel server:100001 -> server
    client #2 -> stunnel:100002 ->internet -> stunnel server:100002 -> server
    client #2 -> stunnel:100003 ->internet -> stunnel server:100003 -> server

    And on client 1 when asked what port the server talks to the client on I say 127.0.0.1:100001 etc?