Jconsole - remote connection thru ssh-tunnel

Hi all,
I need to start jconsole on my windows-box and connect to a remote tomcat-server thru an ssh-tunnel.
I have walked thru various posts and blogs, but finally couldn't get it running.
On the linux-server, I have set the following JAVA_OPTS:
export JAVA_OPTS='-Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.port=8888 -Dcom.sun.management.jmxremote.ssl=false -Djava.rmi.server.useLocalHostname=true -Dcom.sun.management.jmxremote.authenticate=false -Djava.rmi.server.hostname=myserver'
myserver is the server-name that is resolved by the hostname-command. I also tried using localhost instead.
On the client I run the following ssh-command to create the tunnel:
ssh tomcat@myserver -L8888:myserver:8888 -N -v
When I try to create a remote connection with jconsole using localhost:8888, I see the following output by ssh:
debug1: Connection to port 8888 forwarding to myserver port 8888 requested.
debug1: channel 1: new [direct-tcpip]
debug1: channel 1: free: direct-tcpip: listening port 8888 for myserver port 8888, connect from 127.0.0.1 port 1618, nchannels 2
It looks not too bad to me, but unfortunately, jconsole runs into a timeout after about 2 mins.
On the server I see the following using netstat:
tcp        0    168 myserver:ssh    mywindowsbox:3381  VERBUNDEN  
tcp        0      0 myserver:ssh    mywindowsbox:1317  VERBUNDEN  
tcp        0      0 myserver:44625  myserver:8888   TIME_WAIT  
tcp        0      0 *:8888                      *:*                         LISTEN
It appears to me that the tomcat-server is listening correctly on port 8888 for all incoming hosts (although localhost should be enough).
Furthermore, it seems that the ssh-tunnel has been established.
Why the hell, jconsole still can't connect?

Hiya.
JMX connections use two ports. You need the RMI Registry and the RMI Stub. This first one you bound to port 8888, but the other one is probably still bound to a random port. You need to be able to access that one through SSH as well.
Trouble is that the second port uses a random port and most application servers can't statically configure this one. See this article for possible solutions (be sure to read the follow ups as well) : http://blogs.sun.com/jmxetc/entry/connecting_through_firewall_using_jmx
Cheers,
Hugp
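
The two-port problem described in the answer above, as an added check that is not part of the original thread: it parses the JAVA_OPTS string from the question, reports the settings that break tunnelling or leave JMX exposed, and builds the ssh forward once both ports are known. TUNNEL_OPTS is a constructed variant that assumes a JDK supporting com.sun.management.jmxremote.rmi.port (7u4 or later) and com.sun.management.jmxremote.host; all function names are hypothetical.

```python
import shlex

JMX = "com.sun.management.jmxremote"
LOOPBACK = {"localhost", "127.0.0.1", "::1"}

# JAVA_OPTS as posted in the question above.
POSTED_OPTS = (
    "-Dcom.sun.management.jmxremote "
    "-Dcom.sun.management.jmxremote.port=8888 "
    "-Dcom.sun.management.jmxremote.ssl=false "
    "-Djava.rmi.server.useLocalHostname=true "
    "-Dcom.sun.management.jmxremote.authenticate=false "
    "-Djava.rmi.server.hostname=myserver"
)

# Constructed tunnel-only variant (assumption, not from the thread):
# second port pinned, listener bound to loopback, stub advertises localhost.
TUNNEL_OPTS = (
    "-Dcom.sun.management.jmxremote "
    "-Dcom.sun.management.jmxremote.port=8888 "
    "-Dcom.sun.management.jmxremote.rmi.port=8888 "
    "-Dcom.sun.management.jmxremote.host=127.0.0.1 "
    "-Djava.rmi.server.hostname=localhost "
    "-Dcom.sun.management.jmxremote.ssl=false "
    "-Dcom.sun.management.jmxremote.authenticate=false"
)


def parse_java_opts(opts):
    """Return {property: value} for every -Dname[=value] token."""
    props = {}
    for token in shlex.split(opts):
        if token.startswith("-D"):
            name, _, value = token[2:].partition("=")
            props[name] = value
    return props


def audit(props):
    """Return [(id, message)] for settings that break the tunnel or expose JMX."""
    if JMX + ".port" not in props:
        return []  # remote JMX connector is not enabled at all
    findings = []
    if JMX + ".rmi.port" not in props:
        findings.append(("random-rmi-port",
                         "RMI stub port is chosen at random; it cannot be forwarded"))
    stub_host = props.get("java.rmi.server.hostname")
    if stub_host not in LOOPBACK:
        findings.append(("stub-host-not-loopback",
                         "stub advertises %s; the client dials it directly, "
                         "outside the tunnel" % (stub_host or "the server address")))
    if props.get(JMX + ".host") not in LOOPBACK:
        findings.append(("not-loopback-bound",
                         "listener is not restricted to loopback (netstat shows *:port)"))
    if props.get(JMX + ".authenticate", "true").lower() == "false":
        findings.append(("no-auth",
                         "anyone who can reach the port can manage the JVM"))
    if props.get(JMX + ".ssl", "true").lower() == "false":
        findings.append(("no-tls",
                         "JMX traffic is cleartext outside the ssh tunnel"))
    return findings


def tunnel_command(props, user, host):
    """Build the ssh forward for every JMX port, or None if a port is unknown."""
    registry = props.get(JMX + ".port")
    stub = props.get(JMX + ".rmi.port")
    if registry is None or stub is None:
        return None
    # The stub port must be forwarded under the same number, because the
    # stub tells the client which port to dial on the advertised host.
    ports = sorted({int(registry), int(stub)})
    forwards = " ".join("-L %d:localhost:%d" % (p, p) for p in ports)
    return "ssh -N %s %s@%s" % (forwards, user, host)


if __name__ == "__main__":
    for label, opts in (("posted", POSTED_OPTS), ("tunnel-only", TUNNEL_OPTS)):
        props = parse_java_opts(opts)
        print(label)
        for ident, message in audit(props):
            print("  [%s] %s" % (ident, message))
        print("  tunnel:", tunnel_command(props, "tomcat", "myserver"))
```

With authentication and SSL still off, the tunnel-only variant keeps the no-auth and no-tls findings: the loopback listener remains open to every local account on the server.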

Similar Messages

  • ORA Connect via SSH Tunnel on Windows failed! LINUX works ...

    Hello again,
    I tried to establish an Oracle Client Connection via SSH Tunnel on WinXP Pro.
    1. Opened SSH-Tunnel Connection with plink (putty)
    TUNNEL: 10.5.1.111:1521 => localhost:1521
    (plink works fine with telnet, MySQL Client and other stuff)
    2. Connected with Oracle Client on Tunnel END => Localhost, Port 1521
    3. With ORA8i I got: Paket Error, With ORA10g I get: TNS: no listener
    plink works fine, so I don't think the problem is located there.
    I tried tnsnames.ora, easyconnect and TNS-Less. So I guess it's not related to the connection method.
    I tried the same on LINUX ... ssh tunnel and sqlplus connect ... IT WORKS !
    Does Oracle need an additional Port?
    Does it have Problems with WIN2UNIX Connections? (ORA DB is on UNIX)
    tnx

    Hi,
    Hum..., I guess this does not work!
    Look at the schema below; you need to put the 1521 port
    If you desire, access the www.ssh.com site and download another ssh program
               Secure Connection
       +---->-------[SSH]-------->-----+
       |                               |
       |                               |
       ^                               |
       |       Insecure Connection     v
    CLIENT---->--------------------> ORACLE
    ssh2 -l oracle -L 1521:192.148.1.251:1521 200.10.11.12
                        |          |                |
                        |          |                |
                   A  LOCAL        |                |
                   B       INTERNAL IP ORACLE       |
                   C                       EXTERNAL IP (GATEWAY)
                                                         C                             B
          | Firewall| . . . . .|INTERNET| . . . . . . |Firewall| . . . . . . . . . . |ORACLE|
          | Gateway |                                 |Gateway |                 192.148.1.251:1521
               .                                     200.10.11.12                                  
         A     .
       |Oracle Client|
       (TNSNAMES.ORA)
         <SERVICE> =
           (DESCRIPTION =
             (ADDRESS_LIST =
               (ADDRESS = (PROTOCOL = TCP)(HOST = 127.0.0.1)(PORT = 1521))
             )
             (CONNECT_DATA =
               (SID = <ORCL>)
             )
           )
    Cheers

  • SSH tunneling to connect to remote computer

    Hi,
    I have to connect to my remote database (RHEL box) from Windows using an SSH tunnel
    1. I have set up the SSH tunneling (with outgoing tunnel)
    2. I have made an entry in the TNSnames.ora file
    3. I establish a connection to the remote server using an SSH client and when I do tnsping
    I do get a connection. Even when I change the host name to some unknown name I do get a tnsping, but I am not able to connect to the database. Am I wrong anywhere?
    Used TNSNAMES adapter to resolve the alias
    Attempting to contact (DESCRIPTION = (ADDRESS = (PROTOCOL = TCP)(HOST = ISIL-PRJ-04)(PORT = 1523)) (CONNECT_DATA = (SID = ora1022b)))
    OK (800 msec)
    Used TNSNAMES adapter to resolve the alias
    Attempting to contact (DESCRIPTION = (ADDRESS = (PROTOCOL = TCP)(HOST = ISIL-PRJ-04)(PORT = 1523)) (CONNECT_DATA = (SID = blablabla)))
    OK (800 msec)
    Even when I change my SID name I get a tnsping. Can anybody explain?

    Hi,
    Look at the schema below and see if it helps you:
               Secure Connection
       +---->-------[SSH]-------->-----+
       |                               |
       |                               |
       ^                               |
       |       Insecure Connection     v
    CLIENT---->--------------------> ORACLE
    ssh2 -l oracle -L 1521:192.148.1.251:1521 200.10.11.12
                        |          |                |
                        |          |                |
                   A  LOCAL        |                |
                   B       INTERNAL IP ORACLE       |
                   C                       EXTERNAL IP (GATEWAY)
                                                         C                             B
          | Firewall| . . . . .|INTERNET| . . . . . . |Firewall| . . . . . . . . . . |ORACLE|
          | Gateway |                                 |Gateway |                 192.148.1.251:1521
               .                                     200.10.11.12                                  
         A     .
       |Oracle Client|
       (TNSNAMES.ORA)
         <SERVICE> =
           (DESCRIPTION =
             (ADDRESS_LIST =
               (ADDRESS = (PROTOCOL = TCP)(HOST = 127.0.0.1)(PORT = 1521))
             )
             (CONNECT_DATA =
               (SID = <SID>)
             )
           )
    Cheers

  • Remote printing problem using ssh tunnel in Leopard

    Haho,
    I've recently installed Leopard, and I have unexpected difficulties with setting up remote printing to the printers of my University via ssh tunneling. The following procedure worked (and still works) under Tiger, but for some reason it doesn't work with Leopard (not just for me, but other friends also have the same issue as I do). The question is what could be the source of the problem and how could I get around it?
    So, I have the same short user name on my home Mac as my login name in the University system. Then, I set up the proper printers (IP printer, LPD protocol, Address: localhost, the appropriate queue and printer type etc.). Whenever I want to print from home to the University, I would open a Terminal window, and sudo ssh -L515:XXX.XXX.XXX.XXX:515 [email protected] . This is supposed to channel the printing which is sent to a localhost printer to the printers which can be reached through the University IP address.
    This method worked and works well under the latest version of Tiger, but not under Leopard (10.5, 9A581). I get no error messages, the printing seems to go through (at least no error seems to occur during spooling or logging in to the University with the terminal), but it simply doesn't print out on the other end.
    I have no firewall or any other new network tools running which I'm aware of, and I'm not aware of any differences in the set-ups besides the change in the OS. The issue might be that of compatibility with the University printing system, but help in what exactly changed on the Mac side (something obviously did change) would help me a lot, especially since I don't think that the University technical crew would be very keen on (or competent in, for that matter) troubleshooting.
    Thanks in advance for your help!

    Had the same issue with MS Terminal Server printing over vpn tunnel.
    what kind of internet connection do you have? one which adds extra headers like pppoe ?
    for me ...
    sysopt connection tcpmss
    helped
    default is 1380 (1380 data + 20 TCP + 20 IP + 24 AH + 24 ESP_CIPHER + 12 ESP_AUTH + 20 IP = 1500 bytes)

  • Tunnelling remote connection

    I need to remotely control a couple of macs over the internet, behind NAT firewalls.
    I took a look at the ARD 3.0 administrator guide posted on the support page and on page 75 it has a section implying this is possible.
    Can someone confirm that with this option, it would be possible to use ARD to tunnel through a remote firewall, with only the ssh port open on the external NAT firewall ? Also is it possible to specify a port other than 22 for such a tunnel ?
    It seems quite bizarre that this tunnelling option is a global setting hidden away in the preferences. Surely this should be as a minimum configured on a client by client basis, rather than globally. While I would want to connect to a couple of machines remotely, I would not want the overhead of tunnelling for machines on the local LAN.
    This feature does not seem to be fully thought through in the documentation, as elsewhere when talking about opening up ports for remote access (e.g page 49), it only refers to opening up 3283 and 5900 and doesn't mention anything about a ssh tunnel, which is clearly the most interesting possibility for long distance access.
    I guess this is a big feature request for ARD 3.1, to maybe make ssh tunnelling enabled on a client by client basis. That would be much more suitable for remote control further away than a LAN...
    Cheers
    Guy

    Tunneling port 3283 for ARD is not possible through SSH since ARD uses UDP on port 3283. With SSH you can only tunnel TCP ports.
    If you need to remote control one or more machines behind a NAT router, VPN is the way to go. It will save you from having to forward or tunnel ports and will give you a lot more security and functionality on the remote end.
    Many routers can act as a VPN endpoint these days themselves or at least are able to pass the VPN onto a VPN server on the LAN like any Mac OS X Server (10.3.x 10.4.x) can do.
    MacLemon

  • How to get to x6250 Remote console through a ssh tunnel?

    I am accessing webGUI of my x6250 blade console through a ssh tunnel, I can log into eLOM, but when I launch remote console, the java client starts, then a java IOException window comes up with message saying "Create connection failure".
    When I access eLOM directly from company network without ssh tunnel, all works fine, so it is not my local system's setup or JVM issue.
    I am forwarding following ports already: 80, 443, 5120, 5121, 5123, and 7578.
    I suspect I missed some more ports for remote console usage, but which one(s)?
    YZ

    [ports needed for lights out management.]
    a) There does not appear to be an official Sun source for the port data.
    b) ILOM, ELOM, [a-z]LOM each seem to require their own selection of ports.... Beware.

  • Opening Multiple DB Connections to MySQL via SSH Tunneling

    I'm connecting to a MySQL database through SSH.  Specifically I'm using PuTTY to establish a connection, and then tunnel the port through 3306.  Then I'm creating an ODBC Data source to my local 3306 port and using that datasource to open the connection in LabVIEW.
    I'm looking to run queries in parallel, and to do that, I believe I need to open up multiple connections.  Has anyone tried this before? Is there any other way to do this?

    Hi Jonathan,
    I wasn't able to find too many resources on using multiple connections to a MySQL through SSH.  
    I was able to find this:
    http://digital.ni.com/public.nsf/allkb/C49602A79827DDBE86256CE9005757D5
    that might give you some more information.
    I would try to open up multiple connections if the database supports it and try it that way.
    If you have any trouble with that route, feel free to let us know.
    Sincerely,
    Bogdan Buricea
    Applications Engineering
    National Instruments

  • 32-bit JMX/RMI Remote Connection to 64-bit

    I am trying to connect to the standard JDK5 JMX server running on RedHat 64-bit Linux from a 32-bit Windows box and continually get Connection refused. Both are running JDK 1.5.0_05, 64-bit version on Linux, 32-bit version on Windows.
    Is there a problem connecting between 64-bit and 32-bit OSes? I don't understand "connection refused" if that is the problem.
    There is no NAT and no firewall. I am able to connect to other Java services on that box, just not the JMX server. I can browse the RMI Registry on that machine (using the RMI Explorer plug-in from IDEA) but when I try to execute any of the methods I get Connection refused: connect at java.net.PlainSocketImpl.socketConnect. I know I'm connecting to the standard JMX registry because I can see the jmxrmi registry object with methods getVersion() and newClient(). I get the exception when I try to execute, say, the getVersion() method.
    JConsole is also not able to connect remotely.
    I am, however, able to connect from code running locally on the Linux box. But I am not able to connect from code running on the Windows client through an SSH tunnel.
    It appears that 64-bit and 32-bit JVMs cannot communicate over RMI, but is there another explanation?
    Robert

    I have the same problem using jmx through a ssh-tunnel.
    Neither programmatically by JMXConnector nor with jconsole it is possible to connect. It seems that the initial request works but then some kind of redirect forces a connect to the endpoint which is not possible at the other side of the tunnel. Instead it should use the local tunnel-port.
    So I get "connection refused" for an ip-address that is surely not available from my desktop.
    I found several similar problem-descriptions in different newsgroups but no answers how to solve it.

  • Ssh tunnel how to set up in SL?

    I have a server running SL with the firewall activated.  I want to tunnel in to it from outside my own network, while on the road.  I have used SSH Tunnel Manager to do so in the past (like for 4 years) but can not get it to work today.
    On my SL Server 10.6.8 I can not find anywhere to open ports, but I understand that if I activate File Sharing and Remote Management it will open port 22.  Correct? 
    On my router I opened port 3283 and 5900.  Correct?
    Where I get stuck is what to put in to SSH Tunnel Manager.  I can not find any clear novice instructions for it anywhere.  And I am confused as to what to put where.
    Can anybody help?  Thanks.

    Thanks Bob, it is raining cats and dogs so good time to check.
    I got it all up and running. 
    I am testing from a real slow connection (on purpose as this what I have often being on the road) and the screen update is (too) slow.  I tried all your methods and can not see any difference in speed (read slowness).
    BobHarris wrote:
    The reason I do this is because Chicken allows me to use reduced colors (like 8-bit colors), and the Vine Server both honors my reduced color request and it actually plays nice with reduced colors (the Mac OS X Screen Sharing server does not always play nice with anything less than 32-bit colors, which needs a lot more bandwidth).
    Where or how do you implement this?  I can not find it anywhere.  I am on 10.6.8 btw.
    And what is more my connection over Mac's Screen Sharing client, having Vine Server server turned on or not on the remote Mac makes also no difference.  I can get in either way and speed is the same.
    Here is the setting of my remote Mac just in case I should not turn both, the last two, on:
    Then there is another problem.
    I suppose this is not a problem as I am tunnelling in over SSH, but would like to make sure.
    I also tried to follow the instructions on the alert screen, but no such settings are to be found on the remote computer.  Must be an out of date message text.  Or am I blind?
    Looking forward to your wisdom.
    Message was edited by: ChangeAgent. 
    Had an external link for the images as they refused to upload.  Sometimes, when this happens, you can upload images after you post.  That worked so removed links.

  • Using Workgroup Manager via SSH tunnel

    Hi all,
    I'm attempting to use the Workgroup Manager app to remotely administer a OS X Tiger Server box. The server sits inside my company's LAN behind a firewall, which only allows traffic to the server on ports 21 (ftp), 22 (ssh), 80 (http) and 311 (server admin with SSL, I believe). All services on those ports work fine.
    My research on the net indicates that the Workgroup Manager app uses port 625, but since the hardware firewall is blocking traffic on that port to the server, I'd like to create an SSH tunnel to access it. I've tried the following command on my local machine (i.e., not the server):
    $ sudo ssh -L 625:localhost:625 [email protected]
    and am able to set up the tunnel with no problem. However when I try to connect Workgroup Manager (on the local machine) to localhost, it won't let me connect. So I tried telnetting to localhost port 625 (on the local machine) to see what's up, and received the following error:
    $ telnet localhost 625
    Trying ::1...
    Connected to localhost.
    Escape character is '^]'.
    Connection closed by foreign host.
    Am I missing something? I was under the impression that the SSH tunnel would allow me to access port 625 on the server via port 22. The software firewall is disabled on both machines, so it's not that. I'm not experienced with SSH tunnelling, so I could be totally wrong about the way this is supposed to work.
    Thanks in advance!

    A quick tcpdump here indicates that Workgroup Manager uses both 311 and 625 when establishing a connection to the server. It may be the lack of port 311 tunneling that's causing your problem.
    $ sudo ssh -L 625:localhost:625 -L 311:localhost:311 [email protected]

  • SSH Tunnel to other SSH servers?

    I'm not sure how this can be done, with or even without an SSH tunnel.
    Here's my scenario:
    PowerBook@Work --> Firewall --> INTERNET --> Linksys Router/Firewall with port forwarding to Mac mini home server --> Mac mini --> Other Mac clients
    Obviously I can SSH into my Mac mini server from my PowerBook at work:
    ssh [email protected]
    However, what I want to do is, to ssh to the Other Mac client on my home LAN from my Work LAN. So far I accomplish this by SSH'ing into my Mac mini server and then SSH'ing from there to my other Mac clients (which all have static 192.168.X.X addresses).
    I have tried the following and it doesn't seem to work:
    ssh -N -p 22 [email protected] -R 2110/example.com/22
    With port 2110 forwarded from my Linksys to my Other Mac client. Doesn't work.
    I know this is one of those scenarios where I "can't see the forest through the trees". Meaning, there must be an easier way? Any help?

    Paul,
    sorry for my mistake. I forgot the "yes" in the commandline.
    I wouldn't put all the different ssh connections into aliases of my .bashrc. SSH offers the use of a config file. Put everything there. It's easier to maintain and the recommended way for ssh.
    Create a plain text file in ~/.ssh/config (for example with vi). And put the following stuff in there.
    Host nicknameforyourhost
    Hostname hostname.example.com
    User yourusername
    In addition you might want to add one of these:
    Port 22
    Protocol 2
    Compression yes
    ForwardX11 yes
    You can even put portforwardings, reflections etc. in there.
    To tunnel AFP on the server:
    LocalForward 10548 127.0.0.1:548
    To tunnel to a webserver running on the host that is blocked by the firewall:
    LocalForward 10080 127.0.0.1:80
    To tunnel ServerAdmin, Workgroup Manager and Server Monitor Connections to the host (if it's running Mac OS X Server):
    LocalForward 311 127.0.0.1:311
    LocalForward 625 127.0.0.1:625
    LocalForward 687 127.0.0.1:687
    You then connect your admin apps to localhost. This one has to be done as root, as you're forwarding privileged ports.
    To forward an http connection to the webinterface of your router through the tunnel. Provided your LAN Range is 192.168.1.0 and your router is located at 192.168.1.1.
    LocalForward 10080 192.168.1.1:80
    You then connect your browser to http://localhost:10080/ and it will go through the tunnel, and be reflected from the host you connected to via SSH directly to the router. That way you could access your routers config pages without activating remote administration which is of course a lot more secure.
    For your particular problem:
    Create one Host entry with the actual machine that you connect to.
    Host myserver
    Hostname myserver.example.com
    User yourusername
    Protocol 2
    Port 22
    Compression yes
    # see example with router above
    LocalForward 10080 192.168.1.1:80
    # to create a ssh portreflector for host 192.168.1.100
    LocalForward 10022 192.168.1.100:22
    This config will allow you to connect to your server and access your router like I described above and also create a tunnel for another ssh connection to 192.168.1.100. To access that machine, create a second config in that file just a few lines below.
    Host myothermac
    Hostname localhost
    User yourusername
    Protocol 2
    Port 10022
    To use all that you enter into your terminal:
    $ ssh myserver
    Password:
    and from a second terminal:
    $ ssh myothermac
    Password:
    You're directly taken to the othermac. You can put as many options in there as you like. See the man page for SSH what else you can put into a config file. I hope by now it is clear why not to use aliases in your .bashrc. Do some experimenting, you cannot hurt anything.
    You could also do that from a screen session or just background the first SSH session from the terminal but that would make things unnecessarily more complex for the examples given.
    Hope that helped.
    Regards MacLemon

  • Remote connection, mac to mac

    I have had a look and can't seem to find anything convincing - we have a few macs at work, and we each have a mac at home - all we want to be able connect from home, to our mac at work and do work....
    does the official apple remote software cover this, as it seems more networking focused
    or has anyone any other experiences with software they would like to share?
    many thanks in advance

    The key will be how work interfaces to the internet.
    If you have a corporate firewall, and no control over that firewall, then it gets complicated.
    If you have a small office and router similar to a home router, then you can configure that router to allow specific ports from the internet to be routed to specific Macs at work.
    But before going down that path, here are the easy to the more complex ways to connect to your Macs at work.
    If your work router allows it, you could use Apple MobileMe subscriptions and its Back-to-My-Mac feature. This depends on the router supporting Universal Plug and Play features, but if it does, then Back-to-My-Mac will give screen sharing, and file sharing between home and your Macs.
    LogMeIn.com and TeamViewer.com can generally work, even across corporate firewalls. They both provide screen sharing. TeamViewer.com includes file copy, and LogMeIn.com (paid version) also includes file transfer. There is also GoToMyPC.com.
    If you can configure your work router to Port Forward internet ports to specific ports on your work Macs, then you can roll your own. This would consist of forwarding a unique internet port for each work Mac to each Mac's port 5900 (the VNC port), and a separate set of unique internet ports to each Mac's port 548 (the AFP file sharing port). For example:
    Internet port 5911 to Mac 1's 5900
    Internet port 5912 to Mac 2's 5900
    Internet port 5913 to Mac 3's 5900
    Internet port 11548 to Mac 1's 548
    Internet port 12548 to Mac 2's 548
    Internet port 13548 to Mac 3's 548
    Of course Screen Sharing and File Sharing would need to be enabled on the work Macs.
    Now when you want screen share with work Mac 1, at home you would use Finder -> Go -> Connect to Server -> vnc://work.router.address:5911
    And when you wanted to do file sharing with work Mac 2, at home you would use Finder -> Go -> Connect to Server -> afp://work.router.address:12548
    If your work.router.address does not have its own domain name, then you can get a free No-IP.com or DynDNS.org dynamic DNS name, which will allow you to have a fixed name you connect to, and one of the Macs at work runs the dynamic DNS updater that keeps the name up to date when your work ISP changes the IP address.
    The next level of complexity, is to have a VPN into work. If work already has a VPN that you can use, this would actually simplify things a little, as the VPN software already gets you into the work network, and you can just ignore my router configuration suggestions. Then you just use the Finder -> Go -> Connect to Server -> vnc://address.of.mac.inside.VPN and afp://address.of.mac.inside.VPN
    If you do not have a VPN, then setting one up is beyond my knowledge, and I'm sure a bit more complex. It might also require some dedicated hardware or Mac to do the VPN server duties.
    Another more complex approach which gives the security of a VPN, with a different set of complexities would be using ssh tunnels. This is alternative to opening separate ports for VNC and AFP. Instead you would open unique ports for ssh (System Preferences -> Sharing -> Remote Login).
    Internet port 21022 to Mac 1's port 22
    Internet port 22022 to Mac 2's port 22
    Internet port 23022 to Mac 3's port 22
    Now from a terminal, or an ssh GUI interface, establish tunnels for screen sharing and file sharing. The following would be the terminal command issued from the Home Mac.:
    ssh -p 23022 \
        -L 5913:localhost:5900 \
        -L 13548:localhost:548 \
        username@work.router.address
    Now from the home Mac use Finder -> Go -> Connect to Server -> vnc://localhost:5913 and afp://localhost:13548

  • Using launchd to create "on demand" ssh tunnel

    Hello,
    I've setup 2 LaunchAgents in my ~/Library/LaunchAgents/ directory, in order to provide 2 apps with an ssh tunnel connectivity "on demand".
    One of the plist is like this :
    <?xml version="1.0" encoding="UTF-8"?>
    <!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
    <plist version="1.0">
    <dict>
    <key>Debug</key>
    <false/>
    <key>Disabled</key>
    <false/>
    <key>Label</key>
    <string>my.ssh.tunnel</string>
    <key>ProgramArguments</key>
    <array>
    <string>/usr/bin/ssh</string>
    <string>-l</string>
    <string>mylogin</string>
    <string>-N</string>
    <string>-L</string>
    <string>port:final-server:port</string>
    <string>mylogin@ssh-gateway</string>
    </array>
    <key>Sockets</key>
    <dict>
    <key>Listeners</key>
    <dict>
    <key>Bonjour</key>
    <false/>
    <key>SockServiceName</key>
    <string>port</string>
    <key>SockType</key>
    <string>stream</string>
    </dict>
    </dict>
    <key>StandardErrorPath</key>
    <string>/tmp/mytunnel.err</string>
    <key>StandardOutPath</key>
    <string>/tmp/mytunnel.out</string>
    <key>inetdCompatibility</key>
    <dict>
    <key>Wait</key>
    <false/>
    </dict>
    <key>onDemand</key>
    <true/>
    </dict>
    </plist>
    When I launch the application that makes a tcp request on localhost:port, the tunnel is created, this part is OK. But, the application is unable to use it. I have to quit and restart it so that it can use the ssh tunnel.
    Any idea why it behaves like this ? Any workaround ?
    PowerMac G5 2*2GHz   Mac OS X (10.4.6)  

    In fact, the idea of a wrapper script is not very appealing to me. The apps I launch use GUI. I could design an Applescript to "init" the tunnel then launch the true application, but I find it quite complicated and very unsatisfactory.
    Your telnet command succeed in activating the launchd item, but it returns nothing :
    $ echo "^]quit" | telnet localhost 1190
    Trying ::1...
    Connected to localhost.
    Escape character is '^]'.
    Connection closed by foreign host.
    $
    then, a `ps` shows the launchproxy process while it's opening the tunnel. This step lasts for a few seconds, the tunnel seems to be unavailable while launchproxy runs (in fact, launchproxy seems to run until the tunnel is fully established).
    The TCPKeepAlive option is not interesting in my context, I've monitored the ssh tunnel, once it's established, it won't close, even if the application supposed to be using it is not launched.
    I think my problem has no elegant solution. Such a solution could be for launchd/launchproxy to store the application queries, and to feed them into the tunnel once it is open. So, the app would just hang waiting for the tunnel to be fully established, and would get its response after that. For now, the application hangs for ever. I have to force it to reissue its network request so that it can reach the remote end of the tunnel.

  • Why does my ssh tunnel drop when I switch on a system wide proxy

    The subject says pretty clearly what is puzzling me. After I establish a connection via ssh and initiate a tunnel for email access through a corporate firewall (using Apple Mail as the client and POP3 for the protocol), I find that enabling a system wide proxy (socks5, http, and https) via the same ssh tunnel causes the email to stop working. Upon switching, the http proxy (Safari) works fine -- e.g. the tunnel is healthy. This confuses me. The ssh link which hosts several tunnels is fine. I am forwarding local port 10025 and 10110 on the tunnel to a mail server behind the firewall. The socks5 proxy and http proxy are running on local ports 11080, 18080, and 18080, respectively. Why is Apple mail paying attention to the proxy settings at all? It would seem that since Apple Mail makes no attempt to connect (via the Activity window) that the link is dead, however, turning off the proxy brings the email tunnel back to normal. Weird. Any advice? This is running on a normal 10.4 (not server), but I don't think there are any significant differences in behavior. I asked on the networking discussion, but got no response.

    Two things jump into my mind: poor WiFi signal strength on the desktop PC or a dirty OS installation on the desktop PC. I'm quite sure that this has nothing to do with the cisco VPN client itself.
    Assuming that you reach your remote workspace through the cisco VPN client it might also be that the remote part (the VPN concentrator) gets congested and drops your connection but then other employees would complain as well (can be checked with your ICT guys).
    The thing is: when you lose Internet connection on your laptop while surfing a web site and connection comes back again within no time you won't notice anything. If the same happens to a system constantly receiving encrypted packets and some are missing the VPN client will drop the connection. Completely different protocols (http/ipsec) that are differently prone to packet drops...

  • Remote connection, screen sharing, etc question

    I'd like to remotely connect to my desktop either from a PC or another Mac that isn't on my local network. I have a domain name registered, and I'd like to use this domain (godaddy.com) and just be able to type afp/smb/ssh (depending on if I'm on a Mac or PC) and hhtp://www.mydomian.com and instantly get to my computer to change downloads and get files from an external drive, my OSX main disk, etc. I have a MobileMe account too, if that's any help. If I can't use my domain and somehow point it to my dynamic IP, I can use dyndns.
    thanks

    How would I set this up? Do I forward 5900 (is that the ssh port?) and 22 on my router? Or after that type ssh www.mydomain.com:5900? I'm not sure how to enable the ssh capability. I have remote management, screen sharing, file sharing, remote login, and web sharing enabled in settings. Do I need anything else enabled? Which ports exactly should I enable?

    Assuming you want to maintain secure connections over the internet, I would suggest configuring your home router to forward a random high numbered port to your target home system's port 22. Most home routers allow this, but how to do it varies from manufacturer to manufacturer. A Google Search will most likely find instructions for your model router.
    So let's assume you choose internet port 12345 to forward. Making a connection to your home system from the outside world would look something like:
    ssh -p 12345 [email protected]
    That gives you an interactive shell login to your system.
    If you wish to tunnel a screen sharing VNC session you would use something like:
    ssh -p 12345 -L 5901:localhost:5900 [email protected]
    Then using your VNC client of choice you would connect to
    localhost:5901
    Your VNC client would then talk to local port 5901, ssh would send this to the remote system's port 5900 which is the default VNC server port.
    Using ssh to tunnel other protocols is done in a similar way, only the ports used will be different. Since I have only personally tunneled screen sharing, I'm not going to try to explain how to tunnel other protocols.
    NOTE: You can specify as many ssh -L options on the command line as you like. Also the SSHTunnel utility can help you set up ssh tunnels.
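
An added example, not part of the original reply: a small shell helper that composes one ssh command carrying several -L forwards, as the note above describes. The destination user@home.example.net and the second forward (8080 to 80) are placeholders constructed for illustration; binding each forward to 127.0.0.1 and the -N and ExitOnForwardFailure options are choices of this example.

```shell
#!/bin/sh
# Added example: build an ssh command with several -L forwards.
# user@home.example.net and the 8080:80 forward are constructed placeholders.

# valid_port N: succeed only if N is a decimal integer in 1..65535
valid_port() {
    case "$1" in
        ''|*[!0-9]*|??????*) return 1 ;;   # empty, non-digit, or too long
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# tunnel_cmd SSH_PORT DEST LOCAL:REMOTE [LOCAL:REMOTE ...]
# Prints the ssh command; returns 1 on any malformed argument.
tunnel_cmd() {
    ssh_port=$1; dest=$2
    [ "$#" -ge 3 ] || { echo "usage: tunnel_cmd PORT DEST LOCAL:REMOTE..." >&2; return 1; }
    shift 2
    valid_port "$ssh_port" || { echo "bad ssh port: $ssh_port" >&2; return 1; }
    # -N: forwarding only, no remote shell.
    # ExitOnForwardFailure: ssh exits if a local port cannot be bound,
    # so a half-working tunnel is never left running unnoticed.
    cmd="ssh -N -o ExitOnForwardFailure=yes -p $ssh_port"
    for pair in "$@"; do
        case "$pair" in
            *:*) ;;
            *) echo "bad forward: $pair" >&2; return 1 ;;
        esac
        lport=${pair%%:*}; rport=${pair#*:}
        valid_port "$lport" && valid_port "$rport" ||
            { echo "bad forward: $pair" >&2; return 1; }
        # Explicit 127.0.0.1 bind: only this machine can enter the tunnel,
        # other hosts on the local network cannot.
        cmd="$cmd -L 127.0.0.1:$lport:localhost:$rport"
    done
    printf '%s\n' "$cmd $dest"
}

# VNC on local 5901 plus a second, constructed forward for web sharing.
tunnel_cmd 12345 user@home.example.net 5901:5900 8080:80
```

The printed command can be reviewed before running it; the VNC client then connects to localhost:5901 exactly as in the reply.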
