Back to Blog
Neorouter firewall ports5/29/2023 ![]() 86.100.1.2) with port 22, it redirects specifically to the specified router's internal address (e.g. the Raspberry Pi 192.168.0.3) so that when I remotely access the external IP (e.g. This service can then be allowed inbound through the router's firewall to ONLY one specific internal address on the router (e.g. SSH) on the router to use port 22 (already defaulting to SSH according to the router). My router (Netgear DG834G) is only capable of basic port forwarding, if any at all.įor example, I can enable a service (e.g. Again, my knowledge of port forwarding is not amazing. The one bit I struggle to follow is using a port (e.g. HiroProtagonist wrote:Set up your router to forward a port of your choice to port 22 on the pi. Obviously you need to get this working before you go to China. you should set up ssh so you can log in with a key rather than a password & disable password authentication - details here: Ssh -p 8822 -L 8080:127.0.0.1:8080 -N should now be able to set your browsers proxy settings to use port 8080 at 127.0.0.1, which will tunnel to the proxy on your pi. If you don't want to log on, but just want to port forward, use: Configure the proxy to listen on a suitable port. You could go all out & install squid, but something simple like tinyproxy will be simpler to set up. If your primary use will be web traffic, install a proxy on your pi. Set up your router to forward a port of your choice to port 22 on the pi. ![]() Jimjamz wrote: - What is the best way to use SSH on the Raspberry Pi? P.S: I didn't know if to post this topic here or in the Beginners section, but felt it might be more appropriate here for others to find it. I found this topic on the forum but it was only somewhat helpful:Īny recommendation of tools and guides would be most useful. I have some experience of remote desktopping and VPNing on Windows and such, but never on the Raspberry Pi, so I'm considering myself still a noob in this department. I'm a software engineer and not a network guy. Would I be better connecting to it through a remote terminal or remote desktop, or setting up a VPN to connect to the router's network at home, or set it up as some kind of proxy server? I would somehow like to connect to it from China, and divert all my Internet traffic through it so my laptop in China thinks I am connected using my UK Internet connection, therefore bypassing the infamous Chinese firewall. I would like to leave one of my Raspberry Pi's here, always on and connected by Ethernet to my router. I searched the board but couldn't find a answer to my "problem".Ĭan somebody tell me how to configure the iptables firewall on a debian client PC running NRClient Pro?įrom the local network (eth0 not the VPN) we only need to connect to mysql, ssh and webmin.In a couple of weeks I'm off to work in China and having been over there before, I know it's hard work trying to access certain websites which I regularly use. If i config iptables INPUT to DROP as default, I tried to open 32975 TCP, 5353 UDP without success On the nrtap interface i accept every traffic (no need for iptables, firewall is managed by Neorouter itself) So on INPUT i accept TCP on Port 22,3306 and TCP/UDP 10000. Which ports do nrservice use for build up the nrtap interface, It doesn't show the nrtap with ifconfig -a The nrservice won't even build up the nrtap interface. Re: linux/debian iptables configuration on client computerĪssume you have a physical network adapter to your network/internet, NR client/service will connect NR server via this network adapter. ![]() NR client service just requires an outgoing connection to the NR server at listening port (default is 32976/tcp). 32975/tcp is the listen port of NR service for NR client (CMD or UI) to connect from local. So basically no need to add rule for NR client on the physical network adapter. However, once NR client/service connects to the server, it will activate nrtap virtual adapter. Please allow all IN/OUT connections on this adapter. It's safe, because all packets going through this adapter are from the NeoRouter VLAN and you may want to setup the NeoRouter built-in ACL/Firewall rules to control them instead of setup them on each machine.ġ. On linux, since you put restrict rules with iptables, NR client won't establish P2P connection and it will use NR server to relay automatically.Ģ. In the next version, we will allow users to specify the P2P port range. ![]() If i config the INPUT Chain to drop by default, I tried many configurations, without success. ![]()
0 Comments
Read More
Leave a Reply. |