Skip site navigation (1) Skip section navigation (2)

Re: pgAdmin Firewall, SSH problem

From: "Dave Page" <dpage(at)vale-housing(dot)co(dot)uk>
To: "Dave Lazar" <hunkybill(at)gmail(dot)com>,<pgadmin-support(at)postgresql(dot)org>
Subject: Re: pgAdmin Firewall, SSH problem
Date: 2005-01-13 09:21:45
Message-ID: E7F85A1B5FF8D44C8A1AF6885BC9A0E452839F@ratbert.vale-housing.co.uk (view raw or flat)
Thread:
Lists: pgadmin-support
 

> -----Original Message-----
> From: pgadmin-support-owner(at)postgresql(dot)org 
> [mailto:pgadmin-support-owner(at)postgresql(dot)org] On Behalf Of Dave Lazar
> Sent: 13 January 2005 02:24
> To: pgadmin-support(at)postgresql(dot)org
> Subject: [pgadmin-support] pgAdmin Firewall, SSH problem
> 
> Hi,
> 
> I have a couple of postgresql servers running and they work great. I
> develop with pgAdmin using SSH and pageant, putty and tunneling. I
> have one problem server
> though and I am looking for help.
> 
> One server is firewalled, and I configured the firewall (Smoothwall)
> to port forward port 5432. My postgresql server private IP at
> 192.168.100.18 works fine connecting via localhost.
> 
> My pg_hba.conf contains the following setup:
> 
> local   all     all md5
> host    all     all             127.0.0.1       
> 255.255.255.255         md5
> host    all     all             192.168.100.18  
> 255.255.255.255     md5
> host    all     all             66.66.66.66   255.255.255.255 
>         md5
> host    all     all             77.77.77.77   255.255.255.255 
>         md5
> 
> Where 66.66.66.66 is my development machine public IP and 77.77.77.77
> is my firewall public IP and hence the route to the postgresql
> program.
> 
> I setup my putty connection tunnel on my development machine to
> forward 35432 to the
> public IP of the postgresql server, 77.77.77.77:5432, which is my
> firewall, which should port forward packets to the IP of postgresql.
> 
> In pgadmin I connect to localhost on port 35432 and all is well,
> when I do not have a firewall in the chain...
> 
> In my case with the firewall, even with port forwarding setup for port
> 5432, pgAdmin times out after 5 minutes or so complaining about SSL
> handshake not working...
> 
> I am not using SSL, although I do have that option with server.crt and
> server.key files available.
> 
> What might be causing pgAdmin these connection problems... I 
> am not sure
> if the firewall is the culprit or if I screwed up. All my other boxes
> w/o firewalls work fine this way....

Hi Dave,

I'm not entirely clear on your setup - I assume it's something like:

Dev Box -> Firewall -> PG Server

You then tunnel a connection to the firewall, which is then forwarded to
the PostgreSQL port on the server. I assume then, that the firewall is
the endpoint of the tunnel?

Is there any reason that you don't just forward a port on the firewall
to the PG server, change the 77.77.77.77 line to a hostssl, and enable
SSL in pgAdmin, thus eliminating the need to use pagent etc?

Regards, Dave

pgadmin-support by date

Next:From: Andreas PflugDate: 2005-01-13 10:19:14
Subject: Re: [pgadmin-support] I fixed a couple compile errors, but not all,
Previous:From: Benjamin IndermühleDate: 2005-01-13 09:21:10
Subject: adding column with sequence

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group