We value your feedback.
Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!
Course Of The Month
1 day, 23 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
Need help configuring a Sonic Wall TZ 170 for SSH
Posted on 2009-07-09
I have little to no experience configuring sonic wall firewalls. I have done port forwarding on Linksys and Netgear routers. We have an Ubuntu system in our office that we would like to connect to remotely via SSH (Putty). Internally we can attach to the router via Putty from another workstation. I have already exported configuration file as a backup. I am looking for a ruff outline of steps needed to get SSH to work. Do I need to configure NAT? Thanks
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
3 Comments
Hi - this should be as simple as a NAT rule on the sonicwall to forward traffic to the Ubuntu box....
Theres a guide here....just substitute with port 22 TCP
http://portforward.com/english/routers/port_forwarding/Sonicwall/TZ-170/Echolink.htm
To add to this though....exercise extreme caution when opening SSH to the outside world - SSH can give control over a machine and therefore is heavily targeted for attack. I'd strongly suggest that you think about using key based authentication or at the very least strong passwords. If at all possible restrict where you permit ssh inbound from, and if this isn't possible, you may also want to consider running ssh on a different port and using fail2ban to automatically ban IP's that persistently fail to authenticate.
I'd read the following:
http://thinkhole.org/wp/2006/10/30/five-steps-to-a-more-secure-ssh/
and
http://www.fail2ban.org/wiki/index.php/Main_Page
before you proceed :)
Theres a guide here....just substitute with port 22 TCP
http://portforward.com/english/routers/port_forwarding/Sonicwall/TZ-170/Echolink.htm
To add to this though....exercise extreme caution when opening SSH to the outside world - SSH can give control over a machine and therefore is heavily targeted for attack. I'd strongly suggest that you think about using key based authentication or at the very least strong passwords. If at all possible restrict where you permit ssh inbound from, and if this isn't possible, you may also want to consider running ssh on a different port and using fail2ban to automatically ban IP's that persistently fail to authenticate.
I'd read the following:
http://thinkhole.org/wp/2006/10/30/five-steps-to-a-more-secure-ssh/
and
http://www.fail2ban.org/wiki/index.php/Main_Page
before you proceed :)
Featured Post
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
1. Introduction
As many people are interested in Linux but not as many are interested or knowledgeable (enough) to install Linux on their system, here is a safe way to try out Linux on your existing (Windows) system.
The idea is that you insta…
BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address.
There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Suggested Courses
Course of the Month1 day, 23 hours left to enroll
717 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.