Scheduled opening/closing of ports

Discuss and get help to configure CacheGuard to protect Web servers
Douglas
Posts: 55
Joined: 15 Feb 2018 12:04

Re: Scheduled opening/closing of ports

Post by Douglas »

Success! Thank you!
User avatar
david
Posts: 163
Joined: 08 Aug 2015 20:38

Re: Scheduled opening/closing of ports

Post by david »

Happy to hear that :) You are very welcome! Out of curiosity, can you please tell me what SSH client do you use? (because I saw the ssh command in one of your post).

BR,
David Janeway
CacheGuard Technical Team
https://www.cacheguard.com
Douglas
Posts: 55
Joined: 15 Feb 2018 12:04

Re: Scheduled opening/closing of ports

Post by Douglas »

That is success i.e. login via Putty no longer prompts for password, but
ssh admin@10.0.10.254 "firewall external off R1 ; apply force ; quit"
is still prompting for a password.
Must be it doesn't know where the private key is, as I was able to tell Putty where it is.
User avatar
david
Posts: 163
Joined: 08 Aug 2015 20:38

Re: Scheduled opening/closing of ports

Post by david »

Yes, I think that should be the reason.

I assume that you have the ssh command under Windows. Please refer to your Windows documentation to know where to put the SSH private key and in which format. Maybe at the C:\Users\<username>\.ssh\id_rsa location and in OpenSSH format?

I don't know how it should be under Windows but under Linux the private key should be readable/writable only by its owner (<username> here). Otherwise it won't work!

BR,
David Janeway
CacheGuard Technical Team
https://www.cacheguard.com
Douglas
Posts: 55
Joined: 15 Feb 2018 12:04

Re: Scheduled opening/closing of ports

Post by Douglas »

Using Putty as my Windows SSH client and having created a profile in it called "CacheGuard" the following command line now works, because I told that Putty profile where my private key is under Connection, SSH, Auth, Private key file...:
putty.exe -ssh -load CacheGuard -m "C:\CacheGuard\FtpOff.txt" -t

FtpOff.txt contains:
firewall external off FTP21 ; apply force ; quit
Where FTP21 is an external rule.

The command line above is now in BlockFtp.bat and I've changed "Off" to "On" above, for UnblockFtp.bat.
These bat files are now called from Scheduled Tasks to achieve the availability of our FTP Server only during office hours.
Job done, I hope ;-)

Thanks again David.
User avatar
david
Posts: 163
Joined: 08 Aug 2015 20:38

Re: Scheduled opening/closing of ports

Post by david »

Thank you for your feedback!

Best Regards,
David Janeway
CacheGuard Technical Team
https://www.cacheguard.com
Post Reply