问题描述:

There is a server in my company and many people in the company work on it by Putty. We installed the Putty for our own computers to remote the server. BUT all of these happened in the company's inner web.

Now I want to remote the server from outer web. For example, I am home and I work on the company's server. For now I dont know how to realize this.

How can I configure the server and my PC at home?

Need I make some configuration for the router of the company? How?

Thanks in advance.

网友答案:

Assuming your company has a competent IT staff, there is a firewall that blocks incoming SSH attempts out. (It is called SSH, not Putty. Putty is just a program that Windows users tend to use for SSH.) Inside the company's network, you can SSH. So, from home, you will hit a firewall and you can't SSH in.

Does your company have a VPN system? If so, use that. There are many forms of VPN. Your company's IT staff can tell you how to configure your home machine so it can connect to the company's VPN. Once it does that, it will be as though your home computer is inside the company. You are inside the firewall. You can SSH.

You can ask if they will open the firewall for you. They shouldn't, but you can ask.

If you don't have VPN, all is not lost, but it gets more difficult. I don't expect you to do this, so I will only list the steps.

  1. Install an SSH server on your home computer. Get it up and running. SSH into it from another computer at home.

  2. Forward incoming port 22 requests to your home's firewall/router to your home computer so you can SSH into your home machine from outside your house, ie: From work. Test it from work to ensure it works.

  3. Set up a reverse port forward SSH connection from the server at work to your home computer. What this does is initiate an SSH connection from the work server to your home computer. It then listens on a port on your home computer (pretend you used 2222 as the port). Now, from home, you SSH to your home computer (localhost) on 2222 and it connects over the previously made connection to the server at work.

  4. Your IT staff might notice that you did this. They probably won't like it because you are bypassing their firewall.

网友答案:

You can either forward the port of the server to the public internet, or you can set up a VPN located inside your company's LAN that can be reached from outside the LAN such as OpenVPN.

Note: If you are planning to forward the server directly, make sure the server's security settings are set up correctly to prevent misuse of attackers. You can also restrict access to specific IP addresses using a firewall.

网友答案:

Assuming that your server is behind corporate network, you MUST require a VPN connection to access it. Talk to your IT department and they will be able to help with setting VPN connection.

相关阅读:
Top