Andreas Bittner
2002-Dec-03 13:25 UTC
[Shorewall-users] psftp (win32 sftp client) wont connect to external ssh/sftp box from private ip shorewall protected lan
Hello all,

a private ip 192.168.x.x win32 box will not connect with psftp (win32 sftp client) to an external public ip ssh/sftp server. but i can connect with console sftp client on my shorewall/unix box to that sftp/ssh server without any problems.

i can also use putty (win32 ssh client) from the internal box. now i thought, sftp is also using the ssh port, and netstat on my firewall tells me so, so why does putty/ssh from the win32 box work all right to the external server, but psftp won't... any ideas?

i don't see any log entries (in neither case, neither putty-ssh nor psftp-sftp) on the shorewall box, and as you see, since putty/ssh works fine, port 22 is allowed from loc to net....

anyone?

thanks and regards,
andy
Tom Eastep
2002-Dec-03 14:56 UTC
[Shorewall-users] psftp (win32 sftp client) wont connect to external ssh/sftp box from private ip shorewall protected lan
Andy,

--On Tuesday, December 03, 2002 02:25:50 PM +0100 Andreas Bittner <bittner@rz.fh-heilbronn.de> wrote:

> Hello all,
>
> a private ip 192.168.x.x win32 box will not connect with psftp (win32 sftp
> client) to an external public ip ssh/sftp server.
> but i can connect with console sftp client on my shorewall/unix box to
> that sftp/ssh server without any problems.
>

I don't have psftp so I can only report that

1) the Linux sftp client works through my Shorewall firewall (loc->net) without any special rules (my loc->net policy is ACCEPT). It seemed to create a single ssh connection:

    tcp 6 431939 ESTABLISHED src=192.168.1.3 dst=66.35.250.209 sport=34320 dport=22 src=66.35.250.209 dst=206.124.146.179 sport=22 dport=34320 [ASSURED] use=1

2) F-Secure's SSH File Transfer program (a win32 Secure File Transfer client) also works through my firewall.

    tcp 6 431941 ESTABLISHED src=192.168.1.5 dst=66.35.250.209 sport=1834 dport=22 src=66.35.250.209 dst=206.124.146.178 sport=22 dport=1834 [ASSURED] use=1

You may have to use tcpdump or ethereal to understand what's going wrong with your Windoze client.

-Tom
--
Tom Eastep \ Shorewall - iptables made easy
AIM: tmeastep \ http://shorewall.sf.net
ICQ: #60745924 \ teastep@shorewall.net
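
An added example, not part of the original thread: a small parser for connection-tracking entries in the format quoted in the reply above, listing port-22 flows per internal client so a psftp attempt can be compared with a working one. The function names `parse_entry` and `ssh_flows` are hypothetical; the sample lines are the two from the reply, and the `[UNREPLIED]` flag is the marker conntrack prints for a flow that has seen no return traffic.

```python
import re
from collections import defaultdict

# Sample entries copied from the reply above (old ip_conntrack line format).
SAMPLE = """\
tcp 6 431939 ESTABLISHED src=192.168.1.3 dst=66.35.250.209 sport=34320 dport=22 src=66.35.250.209 dst=206.124.146.179 sport=22 dport=34320 [ASSURED] use=1
tcp 6 431941 ESTABLISHED src=192.168.1.5 dst=66.35.250.209 sport=1834 dport=22 src=66.35.250.209 dst=206.124.146.178 sport=22 dport=1834 [ASSURED] use=1
"""

TUPLE = re.compile(r"src=(\S+) dst=(\S+) sport=(\d+) dport=(\d+)")

def parse_entry(line):
    """Return a dict for one TCP conntrack line, or None if it does not parse."""
    fields = line.split()
    tuples = TUPLE.findall(line)
    if len(fields) < 4 or fields[0] != "tcp" or len(tuples) != 2:
        return None
    (o_src, o_dst, o_sport, o_dport), (_, r_dst, _, _) = tuples
    return {
        "state": fields[3],
        "client": o_src, "server": o_dst,
        "sport": int(o_sport), "dport": int(o_dport),
        # With SNAT/masquerade the reply tuple is addressed to the firewall's
        # external address rather than to the original private source.
        "nat_addr": r_dst if r_dst != o_src else None,
        "assured": "[ASSURED]" in fields,
        "unreplied": "[UNREPLIED]" in fields,
    }

def ssh_flows(text, port=22):
    """Group parsed entries with the given destination port by internal client."""
    flows = defaultdict(list)
    for line in text.splitlines():
        entry = parse_entry(line)
        if entry and entry["dport"] == port:
            flows[entry["client"]].append(entry)
    return dict(flows)

if __name__ == "__main__":
    for client, entries in ssh_flows(SAMPLE).items():
        for e in entries:
            print(f"{client}:{e['sport']} -> {e['server']}:{e['dport']} {e['state']} "
                  f"nat={e['nat_addr']} assured={e['assured']} unreplied={e['unreplied']}")
```

A client with no entry at all never reached the firewall on port 22; an entry that stays `unreplied` means the firewall forwarded the SYN but saw nothing come back.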