> -----Original Message-----
> From: pgadmin-support-owner(at)postgresql(dot)org
> [mailto:pgadmin-support-owner(at)postgresql(dot)org] On Behalf Of Dave Lazar
> Sent: 13 January 2005 02:24
> To: pgadmin-support(at)postgresql(dot)org
> Subject: [pgadmin-support] pgAdmin Firewall, SSH problem
> I have a couple of postgresql servers running and they work great. I
> develop with pgAdmin using SSH and pageant, putty and tunneling. I
> have one problem server
> though and I am looking for help.
> One server is firewalled, and I configured the firewall (Smoothwall)
> to port forward port 5432. My postgresql server private IP at
> 192.168.100.18 works fine connecting via localhost.
> My pg_hba.conf contains the following setup:
> local all all md5
> host all all 127.0.0.1
> 255.255.255.255 md5
> host all all 192.168.100.18
> 255.255.255.255 md5
> host all all 188.8.131.52 255.255.255.255
> host all all 184.108.40.206 255.255.255.255
> Where 220.127.116.11 is my development machine public IP and 18.104.22.168
> is my firewall public IP and hence the route to the postgresql
> I setup my putty connection tunnel on my development machine to
> forward 35432 to the
> public IP of the postgresql server, 22.214.171.124:5432, which is my
> firewall, which should port forward packets to the IP of postgresql.
> In pgadmin I connect to localhost on port 35432 and all is well,
> when I do not have a firewall in the chain...
> In my case with the firewall, even with port forwarding setup for port
> 5432, pgAdmin times out after 5 minutes or so complaining about SSL
> handshake not working...
> I am not using SSL, although I do have that option with server.crt and
> server.key files available.
> What might be causing pgAdmin these connection problems... I
> am not sure
> if the firewall is the culprit or if I screwed up. All my other boxes
> w/o firewalls work fine this way....
I'm not entirely clear on your setup - I assume it's something like:
Dev Box -> Firewall -> PG Server
You then tunnel a connection to the firewall, which is then forwarded to
the PostgreSQL port on the server. I assume then, that the firewall is
the endpoint of the tunnel?
Is there any reason that you don't just forward a port on the firewall
to the PG server, change the 126.96.36.199 line to a hostssl, and enable
SSL in pgAdmin, thus eliminating the need to use pagent etc?
pgadmin-support by date
|Next:||From: Andreas Pflug||Date: 2005-01-13 10:19:14|
|Subject: Re: [pgadmin-support] I fixed a couple compile errors, but not all,|
|Previous:||From: Benjamin Indermühle||Date: 2005-01-13 09:21:10|
|Subject: adding column with sequence|