Re: [FW-1] SSH VPN over non-standard port

Subject:	Re: [FW-1] SSH VPN over non-standard port
From:	joe smith <interrupt_handle_this_00100 AT YAHOO DOT COM>
To:	FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date:	Tue, 29 Nov 2005 12:17:15 -0800

Hello,
  Is the sshd bound to specific IP address in the advanced section ?  I know 
you can set it manually to listen only on a specific address or leave it blank 
for all.  If you have specificed an IP(s) you might want to remove and restart 
sshd.

  interrupt
  
Sean Donaghey/HDGH <SDonaghey AT HDGH DOT ORG> wrote:
  Hi Reinhard,

I changed the https service Protocol-Type to "None", and then vendor still 
cannot SSH to their box. Any other ideas?

Thanks,

Sean




Reinhard Stich 
Sent by: Mailing list for discussion of Firewall-1 

11/24/2005 10:54 AM
Please respond to
Mailing list for discussion of Firewall-1 



To
FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
cc

Subject
Re: [FW-1] SSH VPN over non-standard port






hi,

fw1 tries to deny tunneling over ssl - and http on port 443 does not 
look like ssl ... so this is blocked.

you should define https as protocol-type "none" ...

cheers
reinhard

At 14:58 24.11.2005, you wrote:
>Hi,
>
>I have a VPN user trying to SSH into a box over port 443, and it is not
>working through our VPN. I can SSH to the same box over port 443 when on
>the internal network. The connection attempt is accepted to the SSH box,
>but the key prompt never comes up to accept. Does Checkpoint allow SSH
>access when not using the standard port 22?
>
>Thanks,
>
>Sean
>
>
>
>The information contained in this e-mail message is confidential and
>protected by law. The information is intended only for the person or
>organization addressed in this e-mail. If you share or copy the
>information you may be breaking the law. If you have received this 
e-mail
>by mistake, please notify the sender of the e-mail by the telephone 
number
>listed on this e-mail. Please destroy the original; do not e-mail back
>the information or keep the original.
>
>=================================================
>To set vacation, Out-Of-Office, or away messages,
>send an email to LISTSERV AT amadeus.us.checkpoint DOT com
>in the BODY of the email add:
>set fw-1-mailinglist nomail
>=================================================
>To unsubscribe from this mailing list,
>please see the instructions at
>http://www.checkpoint.com/services/mailing.html
>=================================================
>If you have any questions on how to change your
>subscription options, email
>fw-1-owner AT ts.checkpoint DOT com
>=================================================

-- 
Reinhard Stich ASSIST R.Stich AT internet-security DOT at
Internet Security AG, 1150 Wien, Johnstrasse 29
Tel: +43 1 3709440 RS784-RIPE Fax: +43 1 3709440-333 

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================




The information contained in this e-mail message is confidential and 
protected by law. The information is intended only for the person or 
organization addressed in this e-mail. If you share or copy the 
information you may be breaking the law. If you have received this e-mail 
by mistake, please notify the sender of the e-mail by the telephone number 
listed on this e-mail. Please destroy the original; do not e-mail back 
the information or keep the original.

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
  


                
---------------------------------
 Yahoo! Personals
 Single? There's someone we'd like you to meet.
 Lots of someones, actually. Try Yahoo! Personals

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

<Prev in Thread]	Current Thread	[Next in Thread>
[FW-1] SSH VPN over non-standard port, Sean Donaghey/HDGH Re: [FW-1] SSH VPN over non-standard port, Reinhard Stich Re: [FW-1] SSH VPN over non-standard port, Sean Donaghey/HDGH Re: [FW-1] SSH VPN over non-standard port, joe smith <= Re: [FW-1] SSH VPN over non-standard port, Lindsay Hill

Previous by Date:	Re: [FW-1] SSH VPN over non-standard port, Sean Donaghey/HDGH
Next by Date:	Re: [FW-1] SSH VPN over non-standard port, Lindsay Hill
Previous by Thread:	Re: [FW-1] SSH VPN over non-standard port, Sean Donaghey/HDGH
Next by Thread:	Re: [FW-1] SSH VPN over non-standard port, Lindsay Hill
Indexes:	[Date] [Thread] [Top] [All Lists]