[TriLUG] LAN/WAN interface question
Owen Berry
trilugbucket at berrybunch.net
Mon Feb 16 13:47:46 EST 2004
I have a Linksys BEFSR41 and in the past I've set it up to forward SSH
to my Linux box, and then using shorewall/openssh limited the external
IP's that can access it. Not sure how different it is with BEFSR11, but
I don't see why it wouldn't work.
I would hang on to the appliance if I could - a double line of defence
makes me feel safer.
Owen
On Mon, 2004-02-16 at 11:41, Jeremy Portzer wrote:
> On Mon, 16 Feb 2004, Mike M wrote:
>
> > I need to open one server on my LAN to an outsider. My Linksys
> > router appliance (BEFSR11) doesn't seem to be up to the job. I think
> > it's time to upgrade to Linux.
> >
> > Reqs:
> >
> > * Allow a certain static IP address to ssh to a single server. (THis is
> > the requirement the appliance doesn't seem to support.)
>
> Even though the appliance may not support this option, you can certainly
> restrict which IP address can connect via ssh with iptables on the local
> server, and/or with the sshd configuration file. This single issue isn't
> really a reason to ditch the appliance IMO, but certainly setting up a
> Linux firewall/router would be a good exercise.
>
> --Jeremy
>
> --
> /---------------------------------------------------------------------\
> | Jeremy Portzer jeremyp at pobox.com trilug.org/~jeremy |
> | GPG Fingerprint: 712D 77C7 AB2D 2130 989F E135 6F9F F7BC CC1A 7B92 |
> \---------------------------------------------------------------------/
More information about the TriLUG
mailing list