On 22 Oct 95 at 10:00, Tim Hermans wrote:
>
> I need some guidance here. We're trying to turn our Portmaster
> 2e into a console server. In other words we'll connect each of
> our machines's console port to a port on the Portmaster and be
> able to access it over the net via the PM.
>
> I'm having trouble doing this.
>
> I had the idea that you configure each port on the PM as follows:
>
> ----------------------- Current Status - Port S1 ----------------
> -----------
> Status: IDLE
> Input: 0 Parity Errors: 0
> Output: 0 Framing Errors: 0
> Pending: 0 Overrun Errors: 0
>
> Active Configuration Default Configuration
> (* = Host
> -------------------- ---------------------
> Can Override)
> Port Type: Device Device
> Device Service: Telnet@10001 Telnet@10001
^^^^^^^^^^^^
There it is. The PM manual defines, that the Telnet ports from 10000
to 10100 are defined for outbound security. Perhaps this is exactly
what you want. If you use port numbers excluding this range, you are
able to connect with "telnet <portmaster> <port>". But what about
security? Everyone would be able to connect, or you define filters on
the ethernet port.
Outbound security means, that only the Portmaster itself may connect
to the port. Now the trick is as follows:
- set the telnet port numbers in the range 10000-10100, for example
S1 to 10001 or S29 to 10029.
- define users for outbound access, that automatically connect to the
Portmaster itself with telnet and the port number, example:
add user s1
set user s1 password whateveryouwant
set user s1 service telnet 10001
set user s1 host theportmasteritself
save user
Now you may telnet to the Portmaster as normal, login as
s1/whateveryouwant and got connected to the desired port. Works like
a charm.
regards,
Frank
-- ***** The expressed opinions are totally mine! ***** Frank M. Heinzius MMS Communication GmbH frimp@mms-gmbh.de Eiffestrasse 598 Phone: +49 40 211105-0 Fax: +49 40 210 32 210