NAT_forwarding-port_redirect

Issues related to configuring your network
kalyanasundaram
Posts: 16
Joined: 2014/08/20 14:12:58

NAT_forwarding-port_redirect

Postby kalyanasundaram » 2017/08/16 07:31:49

Hi,
Server-1
Cent OS 7
Multiple IP Address on single network interface 10.10.1.A & 10.10.1.B
10.10.1.A bound with 22/TCP port

Server-2
Cent OS-6.X
IP Address 10.10.1.C
10.10.1.C bound with 22/TCP

My Machine
Windows 7
Remote Utility - putty, to establish the ssh connection

Requirement is, Need to access/establish the server-2 SSH connection via server-1 IP Address 10.10.1.B. finally the result is not good ;)

What i did?
I have enabled the NAT/MASQUERADE for default zone, the zone name is public.. created the rich rules and information is given below.


Code: Select all

[color=#804000][b]public
  target: default
  icmp-block-inversion: no
  interfaces:
  sources:
  services: dhcpv6-client ssh
  ports:
  protocols:
  masquerade: yes
  forward-ports:
  sourceports:
  icmp-blocks:
  rich rules:
        rule family="ipv4" source address="10.10.1.B" forward-port port="22" protocol="tcp" to-port="22" to-addr="10.10.1.C"
        rule family="ipv4" source address="10.10.1.X/24" masquerad[/b][/color]


Did i made any mistakes?
could you please guide me to achieve this requirement ?
-Kalyan

hunter86_bg
Posts: 738
Joined: 2015/02/17 15:14:33
Location: Bulgaria
Contact:

Re: NAT_forwarding-port_redirect

Postby hunter86_bg » 2017/08/19 19:16:17

If you have already ssh to 10.10.1.A from the windows client, and Server-1 does not restrict the user (you can login with) to use 'nc', then you don't need any rich rules,nat,masquerade.
You will just need an ssh tunnel with the option 'ProxyCommand' , but this will require that ssh from Server-1 to Server-2 is possible.