SSH2 tunneling impossible on Pix 525?

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Hi there,

I've been trying to setup a simple TCP SSH2 tunnel through a PIX 525
but keep getting an error back as soon as I try to use the tunnel
(logging into the Pix works fine). Basically I want port 4242 on my
localhost to be fwded to port 1666 on a machine behind the Pix.

Using PuTTY I get "Forwarded connection refused by server: Resource
shortage []", when using CygWin I get "channel 2: open failed:
resource shortage:". I get the same error when using ssh under Ubuntu.

I found a couple of web pages that discussed this problem and
apparently found workarounds for their Perl clients:

both seem to say the Pix has a bug where it can't allocate more than a
single channel per SSH2 connection, but then it would seem to be SSH
tunneling is basically impossible on a Pix.

I tried poking around the PuTTY source code (which is huge and very
old-style C), without luck.

btw I'm using PIX Version 7.2(2).

Any help is greatly appreciated!!

-- p

Site Timeline