91
Chapter 6: Secure SSH Tunneling & SDT Connector
6.1 Configuring for SDT Tunneling to Hosts
To set up the Console Server to SDT access a network attached
host
, the
host
and the permitted
services
that are to be used
in accessing that host need to be configured on the gateway, and User access privileges need to be specified:
• Add the new
host
and the
permitted services
using the
Serial & Network: Network Hosts
menu as detailed in
Network
Hosts
(
Chapter 4.4
). Only these
permitted services
will be forwarded by SDT to the
host
. All other services (TCP/UDP ports)
will be blocked.
Note
: Following are some of the TCP Ports used by SDT in the Console Server:
22
SSH (All SDT Tunneled connections)
23
Telnet on local LAN (forwarded inside tunnel)
80
HTTP on local LAN (forwarded inside tunnel)
3389 RDP on local LAN (forwarded inside tunnel)
5900 VNC on local LAN (forwarded inside tunnel)
73XX RDP over serial from local LAN – where XX is the serial port number (i.e. 7301to 7348)
79XX VNC over serial from local LAN – where XX is the serial port number
• Add the new
Users
using
Serial & Network: Users & Groups
menu as detailed in
Network Hosts
(
Chapter 4.4
). Users
can be authorized to access the Console Server ports and specified network-attached hosts. To simplify configuration,
the Administrator can first set up
Groups
with group access permissions, then Users can be classified as members of
particular
Groups
.