Welcome to the VanDyke Software Forums

Join the discussion today!


Go Back   VanDyke Software Forums > Secure Shell

Reply
 
Thread Tools Display Modes
  #1  
Old 01-25-2006, 03:45 PM
shanx24 shanx24 is offline
Registered User
 
Join Date: Jan 2006
Posts: 13
SSH Tunneling / Port Forwarding: Email in Office

Hello,

My office IT admin has blocked port 110 (I think) because I cannot access email from MAIL.MYDOMAIN.COM on the usual port 110.

Also, for the web, I cannot access very normal ports such as http://MYDOMAIN.COM:2082 (which is the Cpanel.net's control panel for my domain, a very typical scenario these days).

I am hoping to find out how to use port forwarding or SSH tunneling. I use SecureCRT 5.0.4.

Is there a step by step, non-geeky guide to make sure a localhost:110 points to MAIL.MYDOMAIN.COM:110 and then I can access my email with localhost as the POP3 server? Similarly, how can I access port 2082 for HTTP by pointin it to localhost:80 or something?

Am I on the right track?

Many thanks for any pointers.

Last edited by shanx24; 01-25-2006 at 03:49 PM.
Reply With Quote
  #2  
Old 01-25-2006, 06:21 PM
toloughlin's Avatar
toloughlin toloughlin is offline
Senior Member
 
Join Date: Feb 2004
Location: Nashua, NH
Posts: 378
I typed up a little thing on this before:
http://forums.vandyke.com/showthread.php?t=1208
__________________
----------------------------------------------
Tom O'Loughlin
Reply With Quote
  #3  
Old 01-25-2006, 11:45 PM
shanx24 shanx24 is offline
Registered User
 
Join Date: Jan 2006
Posts: 13
Thank you but that little thing is very little indeed, and too technical. As I requested, I would like something step by step for people who don't understand NAT or vshell or stuff like that.

I use SecureCRT 5.0.4, latest version as I write this, and can connect to an SSH server. After that, please explain step by step what I need to change in Outlook Express or in the browser, and in the SecureCRT interface.

Many thanks!
Reply With Quote
  #4  
Old 01-26-2006, 02:41 PM
toloughlin's Avatar
toloughlin toloughlin is offline
Senior Member
 
Join Date: Feb 2004
Location: Nashua, NH
Posts: 378
OK.

I did a google search for "port forward email securecrt" and found this ... screenshots & everything. Looks like the screenshots are from an older release, but I think it will help.

http://www.cs.unc.edu/help/network/i...ets/securecrt/
__________________
----------------------------------------------
Tom O'Loughlin
Reply With Quote
  #5  
Old 01-26-2006, 03:08 PM
shanx24 shanx24 is offline
Registered User
 
Join Date: Jan 2006
Posts: 13
Thank you for helping! I have searched Google of course, and come across that university site before, but their screenshots are all from old versions of SecureCRT so a duffer like me is having a hard time figuring out.

Here is what I have now (this is from PROPERTIES of my connection called "port forwarding") --

Left hand menu item: SSH2 -- has value FTP.MYDOMAIN.COM and SSH2 port (2244). The connection works fine, I have connected several times.

Now, Left hand menu item: Port Forwarding -- on right hand side I have two listings:

(a) Name=POP3, Local Address=110, Remote Host=MAIL.MYDOMAIN.com:110
(b) Name=SMTP, Local Address=25, Remote Host=MAIL.MYDOMAIN.COM:25

The login ID for my FTP.MYDOMAIN.COM (main SSH2 server for this connection) is of course different from my mail server, but the issue of login IDs has not come up in any of these instruction sites. So I take it that is a non-issue.

The connection connects fine, I always end up connecting to my server. But in my Outlook Express, when I change the POP3 and SMTP servers to "localhost" I keep getting connection errors.

Any thoughts? I am attaching screenshots here too.

Thanks in advance!
Attached Images
File Type: gif 1.gif (16.6 KB, 226 views)
File Type: gif 2.gif (16.7 KB, 215 views)
Reply With Quote
  #6  
Old 01-26-2006, 03:55 PM
toloughlin's Avatar
toloughlin toloughlin is offline
Senior Member
 
Join Date: Feb 2004
Location: Nashua, NH
Posts: 378
OK - what is the remote ssh2 server?
Does it allow port forwarding?

Can you turn on tracing options in SCRT (file - Trace Options ... before you connect to the ssh server) and let me know what it says when you send/receive from OExpress?

It should say ... something like: "Starting port forward from ..."

Quote:
when I change the POP3 and SMTP servers to "localhost" I keep getting connection errors.
What connection errors? What message is in OExpress?
__________________
----------------------------------------------
Tom O'Loughlin
Reply With Quote
  #7  
Old 01-26-2006, 04:06 PM
shanx24 shanx24 is offline
Registered User
 
Join Date: Jan 2006
Posts: 13
1. Not sure if SSH2 server supports port forwarding. How should I enable it? I can login to root shell, but don't know how to execute command to enable port forwarding. Thanks for any tip!

2. Screenshot of Outlook Express error message attached.

3. Tracing is on. I am attaching a TEXT file with the message.

Many thanks!!
Attached Images
File Type: jpg oe.JPG (42.8 KB, 223 views)
Attached Files
File Type: txt trace.txt (3.2 KB, 168 views)
Reply With Quote
  #8  
Old 01-26-2006, 04:34 PM
shanx24 shanx24 is offline
Registered User
 
Join Date: Jan 2006
Posts: 13
Btw, some more trace info:

Quote:
[LOCAL] : Starting port forward from 127.0.0.1 on local 127.0.0.1:110 to remote mail.MYDOMAIN.com:110.
[LOCAL] : Could not start port forwarding from local service 127.0.0.1:4091 to mail.MYDOMAIN.com:110. Reason: Opening the channel was administratively prohibited. Server error details: open failed
[LOCAL] : Starting port forward from 127.0.0.1 on local 127.0.0.1:110 to remote mail.MYDOMAIN.com:110.
[LOCAL] : Could not start port forwarding from local service 127.0.0.1:4092 to mail.MYDOMAIN.com:110. Reason: Opening the channel was administratively prohibited. Server error details: open failed
[LOCAL] : Starting port forward from 127.0.0.1 on local 127.0.0.1:110 to remote mail.MYDOMAIN.com:110.
[LOCAL] : Could not start port forwarding from local service 127.0.0.1:4098 to mail.MYDOMAIN.com:110. Reason: Opening the channel was administratively prohibited. Server error details: open failed
[LOCAL] : Starting port forward from 127.0.0.1 on local 127.0.0.1:110 to remote mail.MYDOMAIN.com:110.
[LOCAL] : Could not start port forwarding from local service 127.0.0.1:4099 to mail.MYDOMAIN.com:110. Reason: Opening the channel was administratively prohibited. Server error details: open failed
[LOCAL] : Starting port forward from 127.0.0.1 on local 127.0.0.1:110 to remote mail.MYDOMAIN.com:110.
[LOCAL] : Could not start port forwarding from local service 127.0.0.1:4119 to mail.MYDOMAIN.com:110. Reason: Opening the channel was administratively prohibited. Server error details: open failed
[LOCAL] : Starting port forward from 127.0.0.1 on local 127.0.0.1:110 to remote mail.MYDOMAIN.com:110.
[LOCAL] : Could not start port forwarding from local service 127.0.0.1:4120 to mail.MYDOMAIN.com:110. Reason: Opening the channel was administratively prohibited. Server error details: open failed

What could this be?

Last edited by shanx24; 01-26-2006 at 04:36 PM.
Reply With Quote
  #9  
Old 01-26-2006, 05:09 PM
toloughlin's Avatar
toloughlin toloughlin is offline
Senior Member
 
Join Date: Feb 2004
Location: Nashua, NH
Posts: 378
I turned off port forwarding ability on my ssh2 server, and get the same-ish message:
Quote:
[LOCAL] : Starting port forward from 127.0.0.1 on local 127.0.0.1:23 to remote ssh.MYDOMAIN.com:23.
[LOCAL] : Could not start port forwarding from local service 127.0.0.1:2787 to ssh.MYDOMAIN.com:23. Reason: Opening the channel was administratively prohibited.
I'd say that the ssh2 server does not allow port forwarding. Is this YOUR server, or a Hosted server?
__________________
----------------------------------------------
Tom O'Loughlin
Reply With Quote
  #10  
Old 01-26-2006, 05:14 PM
shanx24 shanx24 is offline
Registered User
 
Join Date: Jan 2006
Posts: 13
It is my server, I have root access. I checked with my network provider. The server has port forwarding enabled for sure. Could it be the port number? My server has SSh2 on port 2244 instead of regular 22. But this is my properties for the SSH2 connection, and I can connect alright. Does SecureCRT have problems with non-standard SSH2 ports like 2244?
Reply With Quote
  #11  
Old 01-26-2006, 05:35 PM
toloughlin's Avatar
toloughlin toloughlin is offline
Senior Member
 
Join Date: Feb 2004
Location: Nashua, NH
Posts: 378
Quote:
Originally Posted by shanx24
Could it be the port number? My server has SSh2 on port 2244 instead of regular 22 ... Does SecureCRT have problems with non-standard SSH2 ports like 2244?
Nope. I use 25000+ port numbers for this stuff. I just tested VNC to confirm.

if you #telnet mail.mydomain.com 2244 can you tell me the server version?
Also, are you doing this as 'root' or another user? Sometimes root is denied port forwarding by default.
__________________
----------------------------------------------
Tom O'Loughlin
Reply With Quote
  #12  
Old 01-26-2006, 05:44 PM
shanx24 shanx24 is offline
Registered User
 
Join Date: Jan 2006
Posts: 13
Version is "SSH-2.0-OpenSSH_3.6.1p2"

No, the SSH2 session is not as root of course, that is for a specific domain name, so as that domain's username.

Here is something I want to do-- for my website https://MYDOMAIN.com:2083, I would like to use http://localhost:2083. Is this possible?
Reply With Quote
  #13  
Old 01-26-2006, 07:20 PM
toloughlin's Avatar
toloughlin toloughlin is offline
Senior Member
 
Join Date: Feb 2004
Location: Nashua, NH
Posts: 378
Hehe, didn't see your trace options attachment earlier.
Can you re-do the trace, but keep it running while OExpress tries to connect & then exit the SCRT session & attach again.
The trace doesn't include the port forward attempt.

I just did the test on my server & it worked OK; see attachments.
Attached Images
File Type: jpg srOK.jpg (140.7 KB, 202 views)
Attached Files
File Type: txt full_trace.txt (3.5 KB, 177 views)
__________________
----------------------------------------------
Tom O'Loughlin

Last edited by toloughlin; 01-26-2006 at 07:27 PM.
Reply With Quote
  #14  
Old 01-27-2006, 10:36 AM
shanx24 shanx24 is offline
Registered User
 
Join Date: Jan 2006
Posts: 13
Thanks! Can you attach your SecureCRT port forwarding screenshot?
Reply With Quote
  #15  
Old 01-28-2006, 02:25 PM
shanx24 shanx24 is offline
Registered User
 
Join Date: Jan 2006
Posts: 13
Additional trace info.

The trace I attached before did not show the error message after Outlook Express tries to connect. Here it is:

Quote:
[LOCAL] : Starting port forward from 127.0.0.1 on local 127.0.0.1:1100 to remote mail.MYDOMAIN.com:110.
[LOCAL] : Could not start port forwarding from local service 127.0.0.1:1748 to mail.MYDOMAIN.com:110. Reason: Opening the channel was administratively prohibited. Server error details: open failed
That's the only additional bit. Everything else is same.

Help!
Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -6. The time now is 10:23 AM.