SEO
vBulletin Search Engine Optimization
| |||||||
| Register | FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
02-28-2008, 06:18 AM
| ||||
| ||||
 secure port 3306 I have a client that needs to be able to remotely connect to port 3306 securely. I have tried to suggest an SSH Tunnel, but they do not want their clients to have SSH access. Another problem is that even if we do tunnel, it needs to go thru one server that is connected to the Internet and into the MySQL server which is NOT accessible from the Internet. Any suggestions? Thanks Steve      |
|
02-28-2008, 06:18 AM
| |||
| |||
| RE: secure port 3306 [snip] I have a client that needs to be able to remotely connect to port 3306 securely. I have tried to suggest an SSH Tunnel, but they do not want their clients to have SSH access. Another problem is that even if we do tunnel, it needs to go thru one server that is connected to the Internet and into the MySQL server which is NOT accessible from the Internet. Any suggestions? [/snip] IPSec tunnel |
|
02-28-2008, 06:18 AM
| |||
| |||
| Re: secure port 3306 On linux, one could do a port forward: EXTIF=eth0 # Or whatever the interface that faces internet is called. iptables -A FORWARD -i $EXTIF -p tcp -s <client-ip> --dport 3306 -j ACCEPT iptables -A PREROUTING -t nat -p tcp -s <client-ip> \ -d <linux-fw-ip> --dport 3306 -j DNAT --to <internal-ip>:3306 On Wed, May 2, 2007 17:03, Steven Buehler wrote: > I have a client that needs to be able to remotely connect to port 3306 > securely. I have tried to suggest an SSH Tunnel, but they do not want > their > clients to have SSH access. Another problem is that even if we do tunnel, > it needs to go thru one server that is connected to the Internet and into > the MySQL server which is NOT accessible from the Internet. > > Any suggestions? > > Thanks > Steve > > > -- > MySQL General Mailing List > For list archives: http://lists.mysql.com/mysql > To unsubscribe: http://lists.mysql.com/mysql?unsub=mogens@fumlersoft.dk > > > -- > This message has been scanned for viruses and > dangerous content by OpenProtect(http://www.openprotect.com), and is > believed to be clean. > -- Later Mogens Melander +45 40 85 71 38 +66 870 133 224 -- This message has been scanned for viruses and dangerous content by OpenProtect(http://www.openprotect.com), and is believed to be clean. |
|
02-28-2008, 06:19 AM
| ||||
| ||||
| RE: secure port 3306 Thank You so much. I will have to try this later today. I have never done a port forward in iptables before. I knew that I could, but just never had a need or tried so it slipped my mind about this. Again, Thank You. Steve ------------ On linux, one could do a port forward: EXTIF=eth0 # Or whatever the interface that faces internet is called. iptables -A FORWARD -i $EXTIF -p tcp -s <client-ip> --dport 3306 -j ACCEPT iptables -A PREROUTING -t nat -p tcp -s <client-ip> \ -d <linux-fw-ip> --dport 3306 -j DNAT --to <internal-ip>:3306 On Wed, May 2, 2007 17:03, Steven Buehler wrote: > I have a client that needs to be able to remotely connect to port 3306 > securely. I have tried to suggest an SSH Tunnel, but they do not want > their > clients to have SSH access. Another problem is that even if we do tunnel, > it needs to go thru one server that is connected to the Internet and into > the MySQL server which is NOT accessible from the Internet. > > Any suggestions? > > Thanks > Steve > > > -- > MySQL General Mailing List > For list archives: http://lists.mysql.com/mysql > To unsubscribe: http://lists.mysql.com/mysql?unsub=1 > > > -- > This message has been scanned for viruses and > dangerous content by OpenProtect(http://www.openprotect.com), and is > believed to be clean. > -- Later Mogens Melander +45 40 85 71 38 +66 870 133 224 -- This message has been scanned for viruses and dangerous content by OpenProtect(http://www.openprotect.com), and is believed to be clean. |
Linear Mode
