Problem w/symantec firewall & SSH Tunnel

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
  Hello, I am very new to the world of encrypted and remote communications,

  I have joined a service that provides VPN and SSH Tunnels. I have no
problem with the VPN,
and unfortunetely I seem to only have one prob. with the SSH Tunn. The fact
is that the only way
I seem to avoid the error "server unexpectedly closed network connection" is
by turning off Norton's
firewall. And that presents a worry some case for me.

  I've tried doing a few things but does not seem to help at all. Including
emailing those connected with
the use of, and develpmont of the SSH tunnel program and even giving full
permision of the Putty
program in the firewall, to no avail.

  My system is running WinXP sp2.

  Any suggestions appreciated or if you can point me in the right direction
to learn more about my tech. difficulty. :)

  Thank you, much.

Re: Problem w/symantec firewall & SSH Tunnel

News Groups wrote:
Quoted text here. Click to load it

Is it possible you have both Windows FW and Norton FW turned on? If so
pick one and disable the other. Believe it or not, my eMachines computer
came with both enabled out of the box.

I'm also a little unclear as to what is running where and what you are
trying to do. Is the WinXP SP2 machine the one you're connecting to or
from? If you're trying to connect to it from a remote location, are you
running the SSH service on that machine?

Re: Problem w/symantec firewall & SSH Tunnel

  All very very good suggestions!  I appreciate you taking the time to
  Luckily the service I use for VPN that also supplies services for SSH
tunnels had also responded (will
wonders ever cease :)) and apparently the firewall protects programs that
launch other programs (which
apperently the program does (.bat files that launch other files). So it was
simply adding the *.bat and other
file to the allowed list of programs that launch other programs.

  Well, kind of simple, I seem to be past that problem, but of course, not
to make anything worth having to
easy, I am know experiencing time outs and such :)  I assume it still
something to do with  the firewall.
  Atleast I am learning a little out of it!

  Thank you again for your time and suggestions!!!

Quoted text here. Click to load it

Re: Problem w/symantec firewall & SSH Tunnel

I'm a little curious about this "service" you subscribe to. If you don't
mind me asking, what is it, and what does it offer that you can't get
for free with OpenSSH, OpenVPN, or the free VPN that's built into
Windows XP?


News Groups wrote:
Quoted text here. Click to load it

To reply by email remove "_nospam"

Re: Problem w/symantec firewall & SSH Tunnel

  No not at all, appreciate someone taking some interest.  My problem is
that I am pretty new to trying and protect what information I have on my
system (with firewall, antivirus programs ,etc..) and to find out that
having a firewall protects your system to a certain point, that the
information that travel to and from the net are vulnerable in many different
ways.  Which I learned by accident one day when reading information on a
site that talked about VPN'S and SSH for which is extremely new to me.
Although I've learned a LITTLE about VPN, SSH proxies and SSH tunnels, I was
not aware that any were included with WinXP home or that there were free
services available to the general public for use.

  If I had been, I would still be a little wary, as I am not sure of how
much of my privacy is assured.
  From what I understand, a VPN is an encrypted type of security that is
between one system (in my case my single computer) and another that can act
as sort of a filter. As with the service I have, they allow me to
communicate through there IP address.  Therefore addresses I go to, should
they decide to send spam , virill,  whatever back to that location, it will
simply timeout.  However, from what little I have read thus far, it is a
much less well encryption than the SSH tunnel that is provided, which is
using 128-bit encryption. (although they have a third option which they call
SSH proxy, it apparently offers no encryption while running).

  One of the benefits I liked was the fact that if I can get the SSH Tunnel
to run, it should block 3rd party programs from calling out to places I do
not necessarily know.  Plus it keeps my information to myself from most
places, including my ISP. (If I wish to correspond with the C.I.A. about
what they really knew about the JFK assasination or visit sites on UFO'S
(joking on both) it should be my business ?!.). Plus until a couple of
months ago I did not reaslise that doing things, such as, downloading free
programs, could have 3rd party software or coding installed with said
programs.  Although the last sentance doesn't have anything to do with
encrypted communications, it tells me that there is a lot out there that I
do not understand, and until I do, I should do everything I can to protect
my system and myself.  I was a little surprised when I read that programs
like real media report back to their operator, what programs you run, etc..
on their media without a lot of people realising it.

  So the bottom line is, I don't really know the difference between the
apparently free encrypted services that are out there and those that are
charging for such. So any information that I can learn through these NG'S
are a large help. And unforunetely once I have a problem with something, I
really want to find out why it doesn't work. Even if I find a work around, I
like to figure out why the heck the darn thing is not working the way it is
supposed to. Atleast in electronics one can find the problem and trace it
back to the source of the problem.

  And to make things worse, I had added the program putty.exe and cmd.exe to
the allowed programs list in norton firewall and it had worked past that one
error of "server unexpectently closed connection", after a reboot, I now get
the same error even though I don't believe anything has changed..I love
computers, so fluid :)

  Again thank you for your interest and any feedback will be read and found
interesting ! :)

  Take care.

Quoted text here. Click to load it

Re: Problem w/symantec firewall & SSH Tunnel

Short definition of VPN (BTW you can probably get a better definition at

VPN stands for virtual private network. It acts like a secure hardwired
network connection between two computers and creates a virtual (software
based) network adapter on both. All network traffic on that interface is
encrypted and tunneled over another network such as the Internet.
Functionally it really is just like having a hardwire between the two
computers and it's just as secure.

I use OpenVPN even though it's not as simple to set up as the one MS
provides with WinXP because it was more configurable. In other words it
allowed me to choose which TCP port # to tunnel through. The MS one does
not and my company's firewall blocks the port it uses. Either VPN
however is as secure as you're going to get. Nobody is going to see the
data being sent back and forth. Now if someone installs malware on one
of the computers it can access the data just like any other program can.

The MS VPN uses a protocol called IPSEC. OpenVPN uses one called SSL. If
SSL is ever cracked, we have a lot more to worry about then who's going
to snoop the traffic to your little PC though. It's the protocol that's
uses to secure almost all sensitive data on the Internet. In other words
if it ever gets cracked we're all in deep doodoo.

OpenVPN did not have an easy to use wizard to set it up, but the
how-to's on the Internet, and comments in the config files were very

SSH tunneling is similar in that it creates a secure channel over
another network such as the Internet. It's different in that it's not a
virtual network adapter. Instead it forwards only the specified TCP
ports to a remote server. It too is considered secure. Secure enough
that the company I work for exchanges sensitive financial data every day
with our trading partners using it.


BTW is the service I use that sometimes for remote control
of my home computer. I prefer to use other solutions only because there
is a third party involved and I don't know how much I can trust them.
But if I'm on a public computer and don't have my other VPN or ssh
software installed, I can still access my home computer.
To reply by email remove "_nospam"

Site Timeline