[Hai-users] Snap-Link through SSH Tunnel - Putty

[Joseph Vossen]

I do the same thing to access by Crestron system remotely.  Can't you specify the redirect to the hai via a direct tunnel and not use the HTTP proxy?  Such as adding an entry in your ssh config file:

LocalForward    50000    [IP_address_of_HAI]:4369

and then configure your remote end to locally connect using port 50000.  For example, the s/w that I use to access my Crestron system connects to "local" using port 50000, i.e. uses 127.0.0.1:50000, which gets tunneled properly by my firewall.

BTW...I changed the sshd port to listen to something other than 22; not exactly hidden, just not as obvious

HTH

On Mar 19, 2010, at 10:36 AM, Bill Johnston wrote:

> Hello,
> 
> Has anyone been successful in getting Snap-Link to work though a ssh tunnel?  I've been setting up a tunnel through port 4369 TCP and UDP open, but it doesn't work.  Does Snap-Link/OP2 use more ports or a range of ports?
> 
> My scenario is at work, I have to use PuTTy to ssh through a HTTP Proxy to a firewall at home (linux) with port 22 open.  This works for web/mail/smb (ports 80/25/143/139/587) that I have in the house, but not my OP2 (port 4369).  I really don't want to have my OP2 exposed to the outside if at all possible.  Call me paranoid.  My next step is to setup port knocking so 22 (SSH) appears closed to the world as well!
> 
> HAI - note, it would be nice if you could add various proxy's to the connection configuration in the product.  Not that I would want to use it, but if I can't get the tunnel to work, then I would have no option but to use a proxy.
> 
> Any ideas?
> 
> My desired path is:
> 
> Snap-Link -> local tunnel port served by Putty -> HTTP proxy on company firewall -> INTERNET -> SSH (port 22) on home linux based firewall -> OP2.
> 
> Bill