On Monday 23 March 2009 19:33:58 JohnS wrote: > On Mon, 2009-03-23 at 18:37 +0000, Anne Wilson wrote: > > > Her's another example it will do what you want, your just > > > misunderstanding it. I have 2 customers that use Netgear routers. I > > > think your not setting up the Nat - Add Page. > > > http://portforward.com/english/routers/port_forwarding/Netgear/DG834G/e > > >Mule .htm One thing are you using it for the DSL or another modem/router > > > for dsl? If your using two only one can be Natted and the other Main > > > router in Bridged Mode. > > > > The router is also the DSL modem. > > Ahh, and a warning about that. Make sure after you get the port fowarding > working that the router is not wide open. Meaning every port open. Zyxel > and Netgear are very similiar in design (software) and both of them have > this problem. This only occurs when it is in the routing mode > As far as I can see it defaults to outward traffic being open, but inward traffic blocked apart from the rules I set. > > OK - I'm thick. I've looked at that page and seen only what I'm already > > familiar with. Please, in plain English, how do I set ssh to come in on > > port 22022 (service called ext-ssh already set up for that) to be > > forwarded to 192.168.0.xx port 22? > > If you can hold your horses I may can tell you in Plain Eng later on. At > the moment I am not directly in front of one and the ones I have access > to can not be accessed over the WAN. This would be later EST Time > Tonight. > It's not hugely urgent - I'd like to get it set up and working before the end of the week. If you reply later today I'll see it tomorrow, and that is just fine. > It gives you a choice of what ports you want the service to use. You > simply have to enter the numbers into the empty boxes (choose Custom > Service). IE; you will have to make a Custom Service. > > Looking at your port choice from a Social Engineering Stand Point your > defeating the purpose of port masking. Choosing port 22022 tells me that > you have ssh running on a server. Non the less you can also do what > Steve said. > I'll look at both options, once I've seen your next reply. I'm aware that this is not locked-down security, just that it will deter the casual poke- around merchants. Once I'm convinced that I have it working it will be disabled except for the periods when I'm away from home. (I do know that works, because last time I was away I forgot to re-enable the imap service, and I couldn't get in.) Anne -- New to KDE4? - get help from http://userbase.kde.org Just found a cool new feature? Add it to UserBase -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 197 bytes Desc: This is a digitally signed message part. URL: <http://lists.centos.org/pipermail/centos/attachments/20090323/fdeada62/attachment-0005.sig>