Thank You so much. I will have to try this later today. I have
never done a port forward in iptables before. I knew that I could, but just
never had a need or tried so it slipped my mind about this.
The thing is...I need to securely do this. Here would be the setup
Desktop -> Secure connection to Server 1 -> Secure connection to Server 2.
So I am assuming that what I need to do is to have the Desktop SSH into
Server 1 which will have the iptables setup to tunnel to Server 2 and then
use a tunnel from Secure CRT (or putty) to tunnel all the way to Server 2
through Server 1? Server one can only be accessed with SSH from Server 1.
Again, Thank You.
On linux, one could do a port forward:
EXTIF=eth0 # Or whatever the interface that faces internet is called.
iptables -A FORWARD -i $EXTIF -p tcp -s <client-ip> --dport 3306 -j ACCEPT
iptables -A PREROUTING -t nat -p tcp -s <client-ip> \
-d <linux-fw-ip> --dport 3306 -j DNAT --to <internal-ip>:3306
On Wed, May 2, 2007 17:03, Steven Buehler wrote:
> I have a client that needs to be able to remotely connect to port 3306
> securely. I have tried to suggest an SSH Tunnel, but they do not want
> their clients to have SSH access. Another problem is that even if we
> do tunnel, it needs to go thru one server that is connected to the
> Internet and into the MySQL server which is NOT accessible from the
> Any suggestions?
> MySQL General Mailing List
> For list archives: http://lists.mysql.com/mysql
> To unsubscribe: http://lists.mysql.com/mysql?unsub=1
> This message has been scanned for viruses and dangerous content by
> OpenProtect(http://www.openprotect.com), and is believed to be clean.
+45 40 85 71 38
+66 870 133 224
This message has been scanned for viruses and
dangerous content by OpenProtect(http://www.openprotect.com), and is
believed to be clean.