JamesLuther Fri, 02/13/2009 - 02:24
User Badges:
  • Silver, 250 points or more

If you are trying to SSH to host inside the VPN encryption domain, then no. If you want to SSH to the VPN endpoint itself then yes.

nishit.patel Fri, 02/13/2009 - 02:33
User Badges:

What we are trying to do is:

- Nat to redirect to an internal IP of

- Open the firewall to allow port 22 inbound to (before the changes get made that port 22 would need to be opened if we already have a VPN tunnel?)

Scenario is - files will be sent from one side of the VPN tunnel (Riskwrite) through SFTP (22) to our server of x.x.216.164

JamesLuther Fri, 02/13/2009 - 02:41
User Badges:
  • Silver, 250 points or more


Opening port 22 or ceating a VPN are both technically possible it depends on your companys security policy.

I assume IP is in a DMZ? In all companys I've worked for there are certain security processes around allowing file transfers from 3rd parties and in particular from the internet. Using SFTP is good but is preferable if you can lock this down to certain source IPs and the destination server should be in a DMZ NOT the internal network.



This Discussion