| From: | "Dave Page" <dpage(at)vale-housing(dot)co(dot)uk> |
|---|---|
| To: | "Dave Lazar" <hunkybill(at)gmail(dot)com>, <pgadmin-support(at)postgresql(dot)org> |
| Subject: | Re: pgAdmin Firewall, SSH problem |
| Date: | 2005-01-13 09:21:45 |
| Message-ID: | E7F85A1B5FF8D44C8A1AF6885BC9A0E452839F@ratbert.vale-housing.co.uk |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgadmin-support |
> -----Original Message-----
> From: pgadmin-support-owner(at)postgresql(dot)org
> [mailto:pgadmin-support-owner(at)postgresql(dot)org] On Behalf Of Dave Lazar
> Sent: 13 January 2005 02:24
> To: pgadmin-support(at)postgresql(dot)org
> Subject: [pgadmin-support] pgAdmin Firewall, SSH problem
>
> Hi,
>
> I have a couple of postgresql servers running and they work great. I
> develop with pgAdmin using SSH and pageant, putty and tunneling. I
> have one problem server
> though and I am looking for help.
>
> One server is firewalled, and I configured the firewall (Smoothwall)
> to port forward port 5432. My postgresql server private IP at
> 192.168.100.18 works fine connecting via localhost.
>
> My pg_hba.conf contains the following setup:
>
> local all all md5
> host all all 127.0.0.1
> 255.255.255.255 md5
> host all all 192.168.100.18
> 255.255.255.255 md5
> host all all 66.66.66.66 255.255.255.255
> md5
> host all all 77.77.77.77 255.255.255.255
> md5
>
> Where 66.66.66.66 is my development machine public IP and 77.77.77.77
> is my firewall public IP and hence the route to the postgresql
> program.
>
> I setup my putty connection tunnel on my development machine to
> forward 35432 to the
> public IP of the postgresql server, 77.77.77.77:5432, which is my
> firewall, which should port forward packets to the IP of postgresql.
>
> In pgadmin I connect to localhost on port 35432 and all is well,
> when I do not have a firewall in the chain...
>
> In my case with the firewall, even with port forwarding setup for port
> 5432, pgAdmin times out after 5 minutes or so complaining about SSL
> handshake not working...
>
> I am not using SSL, although I do have that option with server.crt and
> server.key files available.
>
> What might be causing pgAdmin these connection problems... I
> am not sure
> if the firewall is the culprit or if I screwed up. All my other boxes
> w/o firewalls work fine this way....
Hi Dave,
I'm not entirely clear on your setup - I assume it's something like:
Dev Box -> Firewall -> PG Server
You then tunnel a connection to the firewall, which is then forwarded to
the PostgreSQL port on the server. I assume then, that the firewall is
the endpoint of the tunnel?
Is there any reason that you don't just forward a port on the firewall
to the PG server, change the 77.77.77.77 line to a hostssl, and enable
SSL in pgAdmin, thus eliminating the need to use pagent etc?
Regards, Dave
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andreas Pflug | 2005-01-13 10:19:14 | Re: [pgadmin-support] I fixed a couple compile errors, but not all, |
| Previous Message | Benjamin Indermühle | 2005-01-13 09:21:10 | adding column with sequence |