PDA

View Full Version : Softsqueeze and Remote Streaming - some success



Tim Marino
2004-04-29, 18:26
Roy,

Thanks to all your help I've navigated through this
and it works except not from work.

Found a curious thing from home. Apparently the
Netgear router prevented me from testing the external
address. So while I could get a valid connect on
192.168.0.3 from my Windows machine, the router
stopped me from testing the external. I completed this
test using a dial connection and could connect just
fine.

That leaves the problem at work. I thought for sure I
could tunnel out on port 443 but obviously that nasty
webnazi and his novell border manager have evil
intentions. I suspect there is some sort of proxy I am
not seeing. Is there anything else I can try?

Otherwise I may have to burn some discs and do this
the hard way. :(

I really do appreciate all the help. Will try to get
my notes cleaned up and post them to help others with
less restrictive environments. This was quite a ride,
I hope I remember all the steps!

--- "Roy M. Silvernail" <roy (AT) rant-central (DOT) com> wrote:
> On Wed, 2004-04-28 at 10:06, Tim Marino wrote:
> > Ok thought I'd fill you in on the latest
> developments
> > and see what further advice you may have to offer.
> >
> > I have confirmed that sshd is running and have it
> > listening on ports 22 and 443. I am planning to
> use
> > 443 from work since it appears to be available.
>
> That's the HTTPS port. Should work fine and from
> the outside, it's hard
> to tell SSH from HTTPS.
>
> > >From home using my windows machine I can
> successfully
> > connect to the linux box on either ports 22 or 443
> > when using putty and my internal IP address
> > 192.168.0.3. So it looks like sshd is set up ok.
>
> Yep, all good so far.
>
> > When I try to connect with the external ip address
> I
> > get a connection refused message. I checked the
> router
> > and I have ports 22 and 443 forwarding to the
> linux
> > IP. I ran a port scan with Gibson's Shieldsup and
> it
> > reports that ports 22 and 443 are open so I don't
> > think the ISP is blocking and I think this
> confirms
> > the router is correct.
>
> A couple of things to try. Try to SSH to your
> outside IP address from
> home. If that works, it confirms that your router
> is forwarding
> correctly. Then from your remote location, try
> doing a telnet to port
> 22 and port 443. If it connects, you'll see a SSH
> banner. I forgot to
> ask if you have to configure a proxy explicitly at
> your remote
> location. If so, it may require a different
> technique than just
> connecting through.
>
> > I currently do not have a firewall on the linux
> box
> > (bad yes but I'm having enough problems without it
> for
> > now). What else should I be checking? I think I'm
> > pretty close to solving this.
>
> Try the above. I think you *are* close.
> --
> Roy M. Silvernail is roy (AT) rant-central (DOT) com, and
> you're not
> Never Forget: It's Only 1's and 0's!
> SpamAssassin->procmail->/dev/null->bliss
> http://www.rant-central.com
>
>

Roy M. Silvernail
2004-04-29, 21:33
On Thu, 2004-04-29 at 21:26, Tim Marino wrote:
> Roy,
>
> Thanks to all your help I've navigated through this
> and it works except not from work.
>
> Found a curious thing from home. Apparently the
> Netgear router prevented me from testing the external
> address. So while I could get a valid connect on
> 192.168.0.3 from my Windows machine, the router
> stopped me from testing the external. I completed this
> test using a dial connection and could connect just
> fine.

Now that I think of it, I've had routers do the same thing. It works
for me right now, but probably because I get a 10.x.x.x address from my
ISP and they NAT me to my external address, so the router doesn't see
the potential loop.

> That leaves the problem at work. I thought for sure I
> could tunnel out on port 443 but obviously that nasty
> webnazi and his novell border manager have evil
> intentions. I suspect there is some sort of proxy I am
> not seeing. Is there anything else I can try?

Transparent proxies can be a real pain. With an explicit proxy, you can
often use the CONNECT method to pass through to an arbitrary address,
but transproxies don't usually allow that (cuz they're s'posed to be
"stealthy"). If that's your situation, I'm afraid I don't see any handy
remedy.

> Otherwise I may have to burn some discs and do this
> the hard way. :(

That's kind of what I did. I grabbed my CD case from the vehicle and
copied everything onto a local disc at work. I still pop SoftSqueeze up
once in a while to listen to the parts of the collection that aren't in
the mobile subset, but work only has a T-1, so I try not to soak up too
much of the pipe. Want to stay in the IS manager's good side, don'cha
know.

> I really do appreciate all the help. Will try to get
> my notes cleaned up and post them to help others with
> less restrictive environments. This was quite a ride,
> I hope I remember all the steps!

Sorry it didn't turn out better.
--
Roy M. Silvernail is roy (AT) rant-central (DOT) com, and you're not
Never Forget: It's Only 1's and 0's!
SpamAssassin->procmail->/dev/null->bliss
http://www.rant-central.com