[PLUG] Need Help "SSH through VPN"
Jenifer Chung
jeniferchu at gmail.com
Thu Mar 8 17:21:56 UTC 2007
Thank you Carla and All. I think we have enough for this discussion. The
bottom line is I gave up and let the network guy does whatever he wants to
do. I know, Carla, OpenVPN is nice. But it is too late for this network guy.
He already spent too much company's money to implement Juniper VPN (a
commercial expensive product package). Ok, I want everyone has job and food
on table for their family. If I bring up OpenVPN to the management, he will
be out the door.
Thanks again my friends,
Jenifer
On 3/6/07, Carla Schroder <carla at bratgrrl.com> wrote:
>
> Er...sorry for the continued ranting, because you have to deal with what
> you
> have, but that is braindead. SSH through a real VPN tunnel is very nice,
> because then you have fewer hassles with forwarding and punching holes in
> your firewall. With a real VPN, once the tunnel is established you run
> SSH,
> or whatever you want to do, just the same as on your LAN.
>
> If "209.152.98.99" is your alleged VPN gateway and SSH stops dead there,
> that
> confirms that's the roadblock.
>
> For anyone who wants a real genuine excellent VPN, OpenVPN is wonderful.
> Get
> the book "OpenVPN: Building and Integrating Virtual Private Networks". The
> docs on openvpn.org are pretty good, but the book is easier to understand
> and
> more thorough.
>
> Carla
>
> On Tuesday 06 March 2007 14:09, Jenifer Chung wrote:
> > Thanks Carla,
> >
> > Juniper VPN server can not get to prompt to do ssh according to network
> > guy. Here is from my Linux server tried to connect to VPN server:
> >
> > Linuxserver01> ssh -vvv vpn.pcc.edu
> > OpenSSH_4.2p1, OpenSSL 0.9.8a 11 Oct 2005
> > debug1: Reading configuration data /etc/ssh/ssh_config
> > debug1: Applying options for *
> > debug2: ssh_connect: needpriv 0
> > debug1: Connecting to access.pcc.edu [209.152.98.99] port 22.
> > debug1: connect to address 209.152.98.99 port 22: Connection timed out
> > ssh: connect to host access.pcc.edu port 22: Connection timed out
> >
> > Linuxserver01> tcpdump -v net 20.152.98.99
> > tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 96
> > bytes
> >
> > 0 packets captured
> > 0 packets received by filter
> > 0 packets dropped by kernel
> >
> > For security purpose, the IP address is not real one on this email
> message.
> > Thanks,
> >
> > Jenifer
> >
> > On 3/6/07, Carla Schroder <carla at bratgrrl.com> wrote:
> > > Ok, trying to be actually helpful here....
> > >
> > > ssh -vvv is a good idea. Also, running ethereal or tcpdump on the ssh
> > > client,
> > > which was already suggested. It seems to me that everything points to
> a
> > > problem on the "VPN' portal, some kind of access control or routing
> gone
> > > astray.
> > >
> > > Carla
> > >
> > > On Tuesday 06 March 2007 12:09, Sean Whitney wrote:
> > > > Anything interesting using ssh -vvv when connecting through the VPN?
> > > >
> > > >
> > > > Sean
> > > >
> > > > Jenifer Chung wrote:
> > > > > Hi Drew,
> > > > >
> > > > > No. They all the same subnet 209.152.98.*
> > > >
> > > > _______________________________________________
> > > > PLUG mailing list
> > > > PLUG at lists.pdxlinux.org
> > > > http://lists.pdxlinux.org/mailman/listinfo/plug
> > >
> > > --
> > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> > > Carla Schroder
> > > Linux geek and random computer tamer
> > > check out my Linux Cookbook!
> > > http://www.oreilly.com/catalog/linuxckbk/
> > > best book for sysadmins and power users
> > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> > > _______________________________________________
> > > PLUG mailing list
> > > PLUG at lists.pdxlinux.org
> > > http://lists.pdxlinux.org/mailman/listinfo/plug
> >
> > _______________________________________________
> > PLUG mailing list
> > PLUG at lists.pdxlinux.org
> > http://lists.pdxlinux.org/mailman/listinfo/plug
>
> --
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Carla Schroder
> Linux geek and random computer tamer
> check out my Linux Cookbook!
> http://www.oreilly.com/catalog/linuxckbk/
> best book for sysadmins and power users
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> _______________________________________________
> PLUG mailing list
> PLUG at lists.pdxlinux.org
> http://lists.pdxlinux.org/mailman/listinfo/plug
>
More information about the PLUG
mailing list