
CDE through firewall - what ports needed?

 
Tim Krego_1
Frequent Advisor


I am trying to access an HP-UX 11.00 CDE session using ReflectionX.

The 715/75 I have outside the firewall won't start a session from my Win2KPro machine inside the firewall. The CDE session does work when I log in directly to the machine.

I need to find out what ports to open on our Cisco PIX firewall to be able to use CDE.

I have tried to open TCP ports 6000-6002 and still cannot connect. Are there any other TCP/UDP ports I need to open?

Is there a chance that the firewall is not the problem?

Thanks.
HP/UX Newbie
Robin Wakefield
Honored Contributor

Re: CDE through firewall - what ports needed?

Hi Tim,

Security issues aside, and depending on your start method:

rlogin = 513
telnet = 23
rsh = 514
rexec = 512
cde = 177

+ 6000 for X-display 0.

Rgds, Robin
Tim Krego_1
Frequent Advisor

Re: CDE through firewall - what ports needed?

I opened those ports, assuming they are TCP not UDP ports.

I still cannot connect; telnet does work. I cannot open the display. Do I need to do something on the HP machine to allow CDE sessions to a certain IP?

Still confused.
HP/UX Newbie
Robin Wakefield
Honored Contributor

Re: CDE through firewall - what ports needed?

Hi Tim,

Should be udp, sorry.

Rgds, Robin.
Robin Wakefield
Honored Contributor

Re: CDE through firewall - what ports needed?

Tim,

udp for port 177...Robin
Tim Krego_1
Frequent Advisor

Re: CDE through firewall - what ports needed?

I think the configuration on our PIX is incorrect for what I am trying to do. I am going to contact our Cisco person to make sure I have everything correct.
HP/UX Newbie
Tim Krego_1
Frequent Advisor

Re: CDE through firewall - what ports needed?

I checked /var/dt/Xerrors and found the following.

Server open attempt #0 failed for 192.168.1.61:0, giving up

I think I need to translate an outside ip to an inside ip on the firewall.
HP/UX Newbie
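
Added example, not part of the original thread: a small Python helper that reads the `/var/dt/Xerrors` line quoted above and reports which TCP port the CDE host tried to open back to the X server (6000 plus the display number) and whether the target is a private address. The function names and the `--probe` switch are assumptions made for this illustration.

```python
import ipaddress
import re
import socket
import sys

# Line format as quoted from /var/dt/Xerrors in the thread.
OPEN_FAIL = re.compile(
    r"Server open attempt #(?P<attempt>\d+) failed for "
    r"(?P<host>[^\s:]+):(?P<display>\d+)(?:\.\d+)?"
)
X_BASE_PORT = 6000  # X display N is served on TCP 6000 + N

def parse_open_failures(text):
    """Return one dict per failed display open found in Xerrors text."""
    findings = []
    for m in OPEN_FAIL.finditer(text):
        host, display = m.group("host"), int(m.group("display"))
        try:
            private = ipaddress.ip_address(host).is_private
        except ValueError:
            private = None  # a hostname, not an IP literal
        findings.append({"host": host, "display": display,
                         "tcp_port": X_BASE_PORT + display,
                         "private_addr": private})
    return findings

def explain(f):
    """One-line summary of what the CDE host attempted."""
    msg = f"tried X display {f['host']}:{f['display']} -> TCP {f['tcp_port']}"
    if f["private_addr"]:
        msg += " (private address: needs a translation on the firewall)"
    return msg

def can_reach(host, port, timeout=3.0):
    """TCP connect test, meant to be run from the CDE host's side."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

# Constructed input: the single line quoted in the post above.
SAMPLE = "Server open attempt #0 failed for 192.168.1.61:0, giving up\n"

if __name__ == "__main__":
    for f in parse_open_failures(SAMPLE):
        print(explain(f))
        if "--probe" in sys.argv:  # hypothetical switch: only connect when asked
            print("reachable:", can_reach(f["host"], f["tcp_port"]))
```
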
Ralf Hildebrandt
Valued Contributor

Re: CDE through firewall - what ports needed?

The correct solution is to use SSH on both boxes and to let JUST ssh pass the firewall.

Then you tunnel the ports needed using SSH.

Benefits:

a) fewer ports open
b) compression
c) encryption
d) no session hijacking
e) ease of use (no passwords needed)

There are free SSH clients for all platforms, be it OpenSSH for *NIX and TeraTerm for Windoze.
Postfix/BIND/Security/IDS/Scanner, you name it...
Tim Krego_1
Frequent Advisor

Re: CDE through firewall - what ports needed?

I am going to try using SSH. That seems to be a wise choice for ftp, telnet, X security issues.

Do any specific ports need to be open for SSH? I just picked up the O'Reilly SSH book yesterday. I know what I will be doing this weekend. :)
HP/UX Newbie