Koozali.org: home of the SME Server
Legacy Forums => General Discussion (Legacy) => Topic started by: jehu on March 01, 2002, 10:52:46 PM
-
Hi I am mew to e-smith,
I set the server up as a server and gateway. I have a windows 2000 server behind
this and need to access the sever from my work. I also have Window XP and also
need to access this remotely also. Win.2000 is using terminal services and xp
remote access. I am told the port is 3389. I installed ip forwarding from
http://www.myezserver.com/downloads/mitel/contrib/portforwarding-0.0.1/
And set it up like this:
External Port number: 3389
Destination IP address:192.168.7.65
Destination Port number:3389
and it does not work.
Can anyone help.
Thanks,
Jehu.
-
Do your machines behind the e-Smith have the e-Smith server IP number as their default gateway?
/B
-
It does have the e-smith server as the default gateway and it still does not work.
Thanks,
Jehu.
-
did you make 2 entries??
you need 2, one for tcp and one for udp
also, I don't think that what u want to do will work this way
try setting up PPTP from your work and vpn into your e-mith box at home
i do this and it works like a charm
terminal services should work if you connect to the ipaddress of the machine
or setup another e-smith box at work and setup IPSEC using freeswan
http://www.myezserver.com/docs/mitel/freeswan-howto.html
you have to have static ip at both ends for freeswan to work
steve
jehu wrote:
>
> Hi I am mew to e-smith,
> I set the server up as a server and gateway. I have a
> windows 2000 server behind
> this and need to access the sever from my work. I also have
> Window XP and also
> need to access this remotely also. Win.2000 is using terminal
> services and xp
> remote access. I am told the port is 3389. I installed ip
> forwarding from
> http://www.myezserver.com/downloads/mitel/contrib/portforwarding-0.0.1/
> And set it up like this:
>
> External Port number: 3389
> Destination IP address:192.168.7.65
> Destination Port number:3389
>
> and it does not work.
> Can anyone help.
> Thanks,
> Jehu.
-
I usually do this using SSH from work.
I connect to my SME server using SSH with certain local port forwarding entries like:
ssh username@smeserver -L 3389:win2kIP:3389 -L 3390:xpip:3389
and then, I can connect to Win2K by pointing the remote desktop application to localhost.
For the second connection, you have to do a little trik:
Setup your connection to localhost then export it to a file. Open the file and change the port to 3390, Then re-import it into the remote desktop application.
Setup both connections as shortcuts to your desktop.
On connecting to the first one, it will go through the ssh tunnel and to your Win2K server. On using the second, it will still go through the ssh tunnel but go to the xp box.
If your client is a windows PC, you must use a client that allows port forwarding or setup your SME server to enable these by default for a specific client.
Hope this helps.
Serge.
-
I am new to this, can you please tell me the steps to setup the PPTP from remote area and is there anything I need to do on the e-smith box.
Thanks,
Jehu.
-
http://www.e-smith.org/docs/manual/5.1/admin-remoteaccess.html#pptp
-
I am not sure what you mean by this. I get into my box using ssh but when I try to run ssh username@smeserver -L 3389:win2kIP:3389 -L 3390:xpip:3389.
I type ssh admin@myservername -L 3389:win2kip:3389 and the only box I get into is the e-smith box. how do I connect to my terminal service on the win2k.
Please explain some more.
Thanks,
Jehu.
-
Then, you have to follow the rest of the instructions I had initially
posted.
The ssh session must be initiated from the windows PC you will use to
connect using remote desktop client or terminal server client.
After you get the ssh connection, you just minimize it. You don't really
need it anymore. Then, you use the Remote Desktop Client OR the Terminal
Server Client on that same windows pc to connect to "localhost". This will
connect you to the remote Win2kip through teh ssh tunnel if you followed the
verbose of my post.
In any case, please read my initial post about connecting to a second PC
running remote desktop within your LAN. The key for all this is the
export/import of the connection parameters and the modification of the port
to use to connect.
Please note that you do not modify the terminal server itself, just the way
the client connect.
The whole deal about using ssh instead of just port forwarding is that your
connection is encrypted between your PC and your SME server (usually, this
is the internet segment that needs protection).
Serge.
-
I have done what you seek to do using VNC. First read up on WinVNC(search google). Pay attention to the use of TCP ports. Then install TightVNC (search google), which is an improved version. From SME, Port Forward TCP 5900 to machine1 ip address and TCP 5901 to machine2 ip address. Configure VNC on machine1 to use the default display number which is 0. Set machine2 to use display number =1. The system with display number=0 is listeing on port 5900. Display number1 listens on 5901, display #2 listens on 5902, etc.
To reach your first machine from work, open the VNC viewer, and enter the host name or IP of your SME server at home. For machine1, use the default display 0 by not typing anything after SME host name or IP address, or you can enter it after the IP or host name like this "host.sme:0" or 213.22.34.2:0. For default setting, 213.22.34.2 is the same as 213.22.34.2:0
To connect to machine2, enter "host.sme:1" or the IP address:1. READ READ READ on the WinVNC site. VNC is a great free program and is easly to configure through SME with port forwarding.
For more security, first connect to your SME with IPSEC or PPTP VPN. If you do VPN instead of Port Forwarding, you do not have to use different display numbers with VNC as you are directly connecting to the machines IP address, but it will still work if you assign display numbers, you just have more numbers to remember.