Re: [awips2-users] EDEX Server Firewall Settings

  • To: Michael James <mjames@xxxxxxxx>, Keith Latteri <keith@xxxxxxxxxxxxxxxxx>
  • Subject: Re: [awips2-users] EDEX Server Firewall Settings
  • From: "Herbster, Christopher G." <herbstec@xxxxxxxx>
  • Date: Tue, 16 Aug 2016 22:58:42 +0000
Hi folks,


Has anyone tried using SSH tunnels to safely pass through to the other side of 
a border firewall, like we have on our campus network?  I would then use 
"localhost" as the server name, for example.


Just wondering if anyone out there has tried this.


Cheers,


Chris


Dr. Christopher G. Herbster
Associate Professor
Director of Science and Technology
for the ERAU Weather Center
Applied Aviation Sciences
Embry-Riddle Aeronautical Univ.
600 S. Clyde Morris Blvd.
Daytona Beach, FL 32114-3900

386.226.6444 Office
386.226.6446 Weather Center
http://wx.erau.edu/

Schedule at:  http://wx.erau.edu/faculty/herbster/Schedules/



________________________________
From: awips2-users-bounces@xxxxxxxxxxxxxxxx 
<awips2-users-bounces@xxxxxxxxxxxxxxxx> on behalf of Michael James 
<mjames@xxxxxxxx>
Sent: Tuesday, August 16, 2016 2:42 PM
To: Keith Latteri
Cc: awips II users
Subject: Re: [awips2-users] EDEX Server Firewall Settings

5672 as well should be open for JMS connections.  An example of 
/etc/sysconfig/iptables for an "open" server:


*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [13:1717]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 5672 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 9581 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 9582 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT


Michael James
Unidata Program Center
Boulder, CO

On Tue, Aug 16, 2016 at 12:27 PM, Keith Latteri 
<keith@xxxxxxxxxxxxxxxxx> wrote:
To allow all outside access, you would need port 9581 and 9582 open.
> On Aug 16, 2016, at 2:23 PM, bhoch 
> <bhoch@xxxxxxxxxxxx> wrote:
>
> Hello,
>
> If I were to configure an EDEX server for public usage, what should the 
> firewall settings be to permit access from the outside world?  What port #s 
> should be open?
>
> Thanks,
> Brendon
> --
> Brendon Hoch, M.S.
> Director of IT & Instrumentation
> Judd Gregg Meteorology Institute
> MSC 48, Boyd Science Center 319
> Plymouth State University
> Plymouth, NH 03264
> (603)535-2818 Fax: (603)535-2723
>
> _______________________________________________
> NOTE: All exchanges posted to Unidata maintained email lists are
> recorded in the Unidata inquiry tracking system and made publicly
> available through the web.  Users who post to any of the lists we
> maintain are reminded to remove any personal information that they
> do not want to be made public.
>
>
> awips2-users mailing list
> awips2-users@xxxxxxxxxxxxxxxx
> For list information, to unsubscribe, or change your membership options, 
> visit: http://www.unidata.ucar.edu/mailing_lists/
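
A check for the iptables ruleset quoted in this thread, as an added example that is not code from any of the posters or from Unidata: it walks the INPUT chain with first-match semantics and lists the TCP ports a new connection from an arbitrary outside host can reach. Assumptions: the outside interface is named eth0 (hypothetical), and only plain option/value rules like the ones posted are supported; anything else raises an error.

```python
import shlex

# Ruleset as posted in the thread (iptables-save format).
RULESET = """*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [13:1717]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 5672 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 9581 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 9582 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
"""
IFACE = "eth0"  # assumption: name of the outside-facing interface

def parse_input(text):
    """Return (default policy, list of option dicts) for the INPUT chain."""
    policy, rules = "ACCEPT", []
    for line in text.splitlines():
        tok = shlex.split(line)
        if tok[:1] == [":INPUT"]:
            policy = tok[1]
        elif tok[:2] == ["-A", "INPUT"]:
            if len(tok) % 2 or "!" in tok:  # negation and bare flags are not modelled
                raise ValueError("unsupported rule syntax: " + line)
            rules.append(dict(zip(tok[2::2], tok[3::2])))
    return policy, rules

def matches(rule, port):
    """True if the rule matches a NEW TCP connection to port from any outside host."""
    if rule.get("-p", "tcp") != "tcp" or rule.get("-i", IFACE) != IFACE or "-s" in rule:
        return False  # other protocol, other interface, or limited to specific sources
    lo, _, hi = rule.get("--dport", "1:65535").partition(":")
    new_ok = "NEW" in rule.get("--state", "NEW").split(",")
    return new_ok and int(lo) <= port <= int(hi or lo)

def exposed_ports(text):
    """TCP ports whose first matching INPUT rule (or the chain policy) is ACCEPT."""
    policy, rules = parse_input(text)
    return [p for p in range(1, 65536)
            if next((r["-j"] for r in rules if matches(r, p)), policy) == "ACCEPT"]

if __name__ == "__main__":
    print("TCP ports open to any source:", exposed_ports(RULESET))
```

Because the INPUT policy in the posted file is ACCEPT, the final REJECT rule is the only thing closing the remaining ports; running the check on a copy without that line reports every TCP port as open.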
