Topic: ipchains

[Nate]

I have a cisco 678 -- all incoming ports ie.. 80, 21, 443, etc. must be defined in the network access translation table in the router -- I have set the router up to forward all the common tcp ports including port 980, yet I cannot access the e-smith manager outside of the local network.  When I goto http://mydomain.com:980 the page will always time out.  Is there another port that I need to define on the cisco router to allow me to gain access to the e-smith manger outside of my local network.

[OSD]

i'm no expert but i believe that e-smith is deliberately set to not allow access via http to the e-smith-manager from outside the network.

in order to access the e-smith-manager from outside the network i always ssh into the server using the admin account and then choose the text mode browser option.

hope this helps.

[Nate]

Ok thats what i was thinking also.  That brings up another problem - the e-smith-password is not accessable outside the network either since it appears to use the same port, if it is not accesable outside the network how can a user change a password?  Lessons on how to use ssh/terminal are out of the question for the user who simply wants to change his password.

[Brian Bartlett]

If the users are always coming from the same ip address, you can always add that ip to the public list.

Since you are behind the cisco does the IP always arreap to be from the cisco?

[Nate]

Yes, the cisco holds the global ip, and routes specified ports to an internal ip.  I guess since there a only a few users, putting the ip in the list would be fine until they have changed the password.

[Bill Ebben]

Have you gone into e-smith-manager and changed the setting for remote administration to public? (A dangerous way to leave it on a permanent basis.)