Koozali.org: home of the SME Server

remote access

valdis

« on: August 09, 2006, 05:46:48 AM »
:-x
Becoming rather disillusioned with what one has to do to achieve, or rather have yet to achieve, what I perceive to be a common business requirement.

Do not want to start a crusade and apologies for venting my frustrations.

Have had no troubles previously with other firewalls and have better customised ip forwarding and remote access functions on adsl modem routers.

I quite like e-smith and its varying abilities, mail spam proxy etc but am now being asked to consider alternatives.
 
My 'still' dilemma is remote connectivity to the office network.  Sales persons on the road, people working from home, support staff, all require this type of accessibility.  'ANY' type of assistance would be greatly appreciated.

Can anyone explain why I can VPN to my SME server and with a route to the network I am unable to ssh to the network let alone telnet.  If I ssh to the sme server during a vpn session, I can from the prompt telnet anywhere I want.  What on the SME server is stopping this routing?

Not all applications are web based and can just be port forwarded, with a large portion of legacy software being 3 and 4gl character applications with function keys.  These are running on a server and local PCs connecting via telnet applications that have several inbuilt terminal emulations, great for function key based software.

Unfortunately have had no response in several forums on remote access of this type through an SME server.

I realise that ssh is far better than a telnet, but telnet connectivity software (turbosoft & glink) has far better terminal emulations and configurability than ssh software (ttsh putty), let alone with one telnet software application we use which is a screen scraper to give a character based screen a gui look and feel.

What I really need is the ability to, once establishing a vpn connection, telnet to machines behind the proxy which has traffic routed to it from the SME server.

Has no one already achieved this?  Do I need add-ins?

Appreciation in advance.

MarkR

« Reply #1 on: August 09, 2006, 03:48:21 PM »
Valdis,

I too share your frustration in getting this to work (I spent many moons tweaking various configs etc. but to no avail).

A solution I came up with was to:
Install openvpn and connect to your SME server from the remote site.
Telnet (via putty) into your SME server,
then telnet from your SME server (command prompt) into any other server on your remote network.
To save telnetting twice all the time I created a user login on the SME that automatically opens another telnet session to another server.

Hope I've made it clear; if not, give us a kick and I'll try to explain.

Other option would be to VPN into the SME then use VNC to control a PC/Terminal on the remote network
...

valdis

« Reply #2 on: August 10, 2006, 01:47:11 AM »
Hi Mark,

Just happy to get some sort of reply, which seem to be few and far between. To promote this product, which I believe is good, I would have thought Mitel would have people replying to posts, not just users who go through sweat and tears to get things working. Enough.

I did not need to install openvpn, sme basic services already handle this and, as you suggested, ssh/telnet to the server THEN telnetting to machines I also can do.

The problem is the use of third party software which uses telnet to connect to machines and gives you decent configurable terminal emulations and keyboard mappings.  We use 4gl programs that have their own termcap files etc.  So I need, once the VPN connection has been established, to use this software which is on the PC to telnet through the sme-->proxy-->network.  I was always under the impression that once a VPN connection has been established 'you' are on the network and should be able to connect by 'any' means to a machine on the network.  This happens at all of our sites. I VPN company networks to firewalls, windows/linux/aix/netgear/sonic etc and after registration to the network I can use telnet software on my PC and connect to their servers.
There is something on the sme server that is inhibiting this functionality as if I ssh to the sme server I CAN telnet anywhere.

Not yet an iptables guru BUT
Is it the denylog of protocol 47 gre?? It is used in conjunction with pptp port 1723?? Is this the magic I need?? & if so the commands to allow it.
SME server ipchains -L -n is currently a little beyond me with all the rules and jumps.

HHEELLPP!!

boss_hog

« Reply #3 on: August 10, 2006, 07:40:46 PM »
Quote from: "valdis"


Just happy to get some sort of reply, which seem to be few and far between. To promote this product, which I believe is good, I would have thought Mitel would have people replying to posts, not just users who go through sweat and tears to get things working. Enough.



Hi valdis,
sorry to hear you are having problems. I wish I could help.

However, ONLY as a polite reminder, this is Contribs/SME not Mitel. It is a volunteer community, made up of many skilled people trying to help each other. We can be happy that Mitel shares as much info as they do but don't expect them to give support, which is what you get when you pay for their product.

Now a couple things:
1) are you still using SME6.5 as server/gateway?
2) is the ADSL modem set-up as a bridge or router?
3) can you paste or attach any specific logs, showing errors?

Good luck
Joe