Unfortunately no one can be told what fun_plug is - you have to see it for yourself.
You are not logged in.
Hi all,
I'm currently overseas but before I left I opened the following ports on my router to point to my DNS-323 with the intensions of continuing the setup while overseas. My router is a WRT54G (default firmware).
22 (SSH)
21 (FTP)
80 (HTTP)
1194 (OPEN-VPN)
I can connect FTP, SSH just fine. I still need to setup openvpn (new to any vpn, so I've never had this working yet).
My current problem is that the HTTP is not working
And I've no way (that I can think of) to access the router web interface to double check that port 80 is actually enabled.
on the DNS-323 I have lighttpd running and netstat -l shows port 80 is listening, when I type in the i.p. address (or dyndns address) all I get is 'page cannot be displayed'.
I then tried to use 'LYNX' the text based webbrowser to run from the SSH session to point to the router, however the page is not rendered correctly and I can not do anything with it.. and it also seems the router doesnt have telnet access.
This leaves me out of ideas, any mastermind here?
Thanks
Offline
i would suggest to tunnel everything except openvpn through shh for security reasons...
Offline
hell0 wrote:
i would suggest to tunnel everything except openvpn through shh for security reasons...
How would one go about doing that?
Offline
On the remote SSH client:
ssh -L local_port:dns_local_ip:80 your_host.dyndns.org
(this can also be done with putty, in Configuration > Connection > SSH > Tunnel if you are using Windows)
"local_port" can be anything above 1024
then, your DNS-323 web page will be reachable with http://localhost:local_port, from the remote PC.
See "ssh+tunnel" on google for further information
Offline
PUTTY.EXE -ssh -l $USER-pw $PASSWORD -D 8080 your.dyndns.url yourSSHport
Add localhost 8080 as Socks proxy in your browser or application and you can access everything behind the WRTGL through ssh.
Offline
Is there a way to make it to where only my account can access the DNS-323 if it is within a certain host range? Like, *.host.city.com or something like that. I want to lock this thing down!
Electrocut wrote:
On the remote SSH client:
ssh -L local_port:dns_local_ip:80 your_host.dyndns.org
(this can also be done with putty, in Configuration > Connection > SSH > Tunnel if you are using Windows)
"local_port" can be anything above 1024
then, your DNS-323 web page will be reachable with http://localhost:local_port, from the remote PC.
See "ssh+tunnel" on google for further information
So I would do this in a terminal and then I could open up a browser or file manager (in my case, Finder) window and be secure? Or is that example ONLY for an SSH connection (e.g. not FTP, Web GUI, etc.)?
Last edited by DasCrushinator (2009-06-13 04:33:19)
Offline
in short:
ssh + tunnel thingy creates a proxy. Your browser (or other apps e.g. spottify, filezilla-ftpclient, etc ) connects to this proxy. The proxy tansfers data securly. You need to configure your browser (or other app) to connect to the proxy. It is simple setup with google as your friend.
Only valid users capable of logging in via ssh can setup a proxy connection.
Google for more.
Anyway the technique is great and simple to setup.
Last edited by bjby (2009-06-13 15:28:10)
Offline
Thanks everyone for the suggestion of tunnel + ssh, I wasnt aware of this and will definately get around to setting it up that way. Sorry for the delay in getting back as I have been on the road for a while.
for now, assuming that I have nothing important on the DNS-323, I would like to set up a webserver to run without the ssh tunnel.
please imagine this scenario:
Before leaving for a trip you enabled port 80 on the router to point to the DNS323 and installed lighttpd on the DNS323. Tried a test webpage and its working fine locally.
You are now overseas and can successfully access the DNS323 using SSH to get a shell and can see that the server lighttpd is running but when you open the web browser and type in the address all you get is 'page cannot be displayed'
------------
All I can think of is to somehow log in to the router's web interface and change (or check) port 80. But I can't think how I can without being infront of it?
Is it possible?
Thanks so much guys!
Offline
crs2027 wrote:
You are now overseas and can successfully access the DNS323 using SSH to get a shell and can see that the server lighttpd is running but when you open the web browser and type in the address all you get is 'page cannot be displayed'
All you need to do is to follow the instruction destribed in the previous posts:
- first solution, discribed in my previous post:
configure the Remote SSH client like this:
Then to access the DNS webpage, type http://localhost:1234 in your brother
- second solution (described in hell0 and bjby's posts)
configure the Remote SSH client like this:
Then to access the DNS webpage, configure your brother with "localhost:1234" as socks proxy server (in connection settings), then type http://local_dns321_ip_address
(replace local_dns321_ip_address, with your the actual IP, of course)
With this solution, it will be possible to check your DNS-323 and your router configuration webpage, remotely.
Last edited by Electrocut (2009-06-14 18:24:13)
Offline
FAN-TAS-TIC !!
Thank you so so much, espcially for taking all the time to post screenshots! I really appreciate that a lot!
Sorry that I missed the whole point earlier about the tunnel, I now (finally) understand how it is used and it works.
Perfect, thank you all so much
Offline
My ISP blocks incoming connections on port 80 (cox.net) I assume others do as well. This could have been your initial problem. I've gotten around it in the past by simply forwarding a different external port to 80 on my device.
The SSH tunnel is a much better solution when security and privacy are of concern, though.
Offline