[PLUG] IPtables internal port forwarding - eventual solution

Michael Rasmussen michael at jamhome.us
Fri May 8 12:53:04 UTC 2009


On Thursday 07 May 2009 11:27:16 Michael wrote:
> 
> m0gely wrote:
> > If you're using an up-to-date sshd, and employ good password practices,
> > what's the point of doing all this? Honest question.
> 
> As the OP here's the background story.
> 
> At work we manage several thousand switches and routers.
> We're replacing our management platform with a new one.
> There is an internal requirement to NEVER use clear text protocols.

Did I ever mention the management platform runs on either Linux or MSWindows? (Probably Solarias, HPUX ... but that's out of scope for us)

MSWindows hosted systems don't have the conflict problem because remote administration is done through Remote Desktop which uses port 3389 by default.  

We could switch our management application hosting platform to MSWindows. 

My boss is strongly against this option.

Instead we'll go to the IP Address Administration group and request an additional IP for the management workstations.  We'll configure an additional ethernet port to serve the management application on port 22.

-- 
      Michael Rasmussen, Portland Oregon  
    Be appropriate && Follow your curiosity
           http://www.jamhome.us/
  The fortune cookie says:
I know what innocence looks like and it wasn't there, after she got that bicycle.




More information about the PLUG mailing list