----- Original Message -----
From: "John Doe" <jdmls@xxxxxxxxx>
To: <squid-users@xxxxxxxxxxxxxxx>
Sent: Thursday, May 06, 2010 3:04 PM
Subject: Re: SSH not working With Squid3.0
From: "Adam@Gmail" <adbasque@xxxxxxxxxxxxxx>
Internet > [ISP-Modem] <Router / Firewall> (LocalNetwork )
Local Network > Machine1 Machine2 Machine3 Machine4 Machine5 Machine6
Machine1 = SQUID3.0
Machine2= Mail-Server
...
I can access these machines except via SSH
Even though I have forwarded requests to each machine's SSH port
Forwarded requests?
We were talking about local sshing... right?
Why would you forward, how, and from where to where?
Are you talking about ssh from the Internet to the local network, through
the firewall?
I did ask if local ssh was working... Is it?
If you go on a local machine and try to ssh to another local machine, does
it work?
I was talking about both from the internet and the local Network
I did explain that from the local if I do
ssh 192.168.1.6 on port 2224
I get the error message
ssh host 192.168.1.6 port 2222 connection refused
And the port 2222 is the port of the machine on which the proxy server runs
it doesn't matter from which machine I am trying to ssh another machine
I get the same error message:
As if my entire network is locked into one ssh port and that is the ssh 2222
which also runs the router
Do you see what I mean even though I do specify the port number
of the machine which in this case is the port 2224
But I get the error message replying with the Squid's port number 2222,
and that is regardless from which machine I am trying to send the SSH
request
No, I don't understand how this squid server would magicaly capture all
the packets...
If from machine A I try to ssh to machine B, the packet will go to machine
B directly.
Unless I am wrong, it will only go through the gateway if the target IP
network is different.
We still miss information, like routing, forwarding rules, etc...
try to follow the packets routes.
Maybe you will need to look at tcpdumps...
Yes normally when you ssh a machine internally you don't need rerouting or
forwarding
I am not saying I have forwarded the internal requests, I forwarded requests
coming from the internet
for instance using clients such as putty etc..
But no connection is allowed either internally or externally.
I hope that helps
JD
Regards
Adam
