Getting stunnel 4.20 for OS/2 to work - OS2



  1. Getting stunnel 4.20 for OS/2 to work

    I am attempting to get stunnel working to wrap telnet access to a
    non-secure system using VMODEM. As I am still testing it I am running my
    stunnel on a separate system. In the stunnel configuration file I am
    using:

    >[telnets]
    >accept = 992
    >connect = 192.168.80.1:23


    For testing purposes I am using the SSH device of ZOC 3.17 to access
    stunnel from another system on my LAN. Once I can use stunnel from a
    local system over the LAN successfully I will test things forwarding that
    port from my router to stunnel allowing internet access. After this works
    successfully I will look into moving stunnel to the server with VMODEM.

    ZOC connects to stunnel as far as I can see, but the connection to my
    VMODEM system from stunnel does not appear to happen, as VMODEM shows no
    connection and there is no response to anything typed in ZOC, yet ZOC
    reports a connection being made. Here is the stunnel log output:

    >11:56:07 LOG5[106:89]: stunnel 4.20 on i386-pc-os2-emx with OpenSSL 0.9.8d 28 Sep 2006
    >11:56:07 LOG5[106:89]: Threading: SSL:ENGINE Sockets:SELECT,IPv4
    >11:56:07 LOG7[106:89]: FD 5 in non-blocking mode
    >11:56:07 LOG7[106:89]: SO_REUSEADDR option set on accept socket
    >11:56:07 LOG7[106:89]: telnets bound to 0.0.0.0:992
    >12:02:15 LOG7[106:89]: telnets accepted FD=6 from 192.168.80.99:52514
    >12:02:15 LOG7[106:89]: Creating a new thread
    >12:02:15 LOG7[106:89]: New thread created
    >12:02:15 LOG7[180:89]: telnets started
    >12:02:15 LOG7[180:89]: FD 6 in non-blocking mode
    >12:02:15 LOG7[180:89]: TCP_NODELAY option set on local socket
    >12:02:15 LOG5[180:89]: telnets accepted connection from 192.168.80.99:52514
    >12:02:15 LOG7[180:89]: SSL state (accept): before/accept initialization
    >12:20:24 LOG7[106:89]: telnets accepted FD=7 from 192.168.80.99:52521
    >12:20:25 LOG7[106:89]: Creating a new thread
    >12:20:25 LOG7[106:89]: New thread created
    >12:20:25 LOG7[187:89]: telnets started
    >12:20:26 LOG7[187:89]: FD 7 in non-blocking mode
    >12:20:26 LOG7[187:89]: TCP_NODELAY option set on local socket
    >12:20:26 LOG5[187:89]: telnets accepted connection from 192.168.80.99:52521
    >12:20:26 LOG7[187:89]: SSL state (accept): before/accept initialization
    >12:22:33 LOG3[106:89]: Received signal 2; terminating


    In the above log you see two attempted connections from ZOC, but as I
    noted the connection to the VMODEM system never occurs. Anyone made a
    similar system work? What am I missing? I can use ZOC from the system I
    am running stunnel on to the VMODEM system and it connects fine, so there
    are no connectivity problems.

    -- Dave
    -----------------------------------------------------------
    dhdurgeeverizonnet
    -----------------------------------------------------------
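
Both accepted connections in the log above end at `SSL state (accept): before/accept initialization`, with no later handshake state logged. The following is an added example, not part of the original post, that scans stunnel debug output for sessions in that condition; the function name and the grouping by the bracketed log id are choices made for this example.

```python
import re

# stunnel 4.20 log lines copied from the post above ('>' quote markers removed).
SAMPLE_LOG = """\
12:02:15 LOG7[106:89]: telnets accepted FD=6 from 192.168.80.99:52514
12:02:15 LOG7[180:89]: telnets started
12:02:15 LOG5[180:89]: telnets accepted connection from 192.168.80.99:52514
12:02:15 LOG7[180:89]: SSL state (accept): before/accept initialization
12:20:24 LOG7[106:89]: telnets accepted FD=7 from 192.168.80.99:52521
12:20:25 LOG7[187:89]: telnets started
12:20:26 LOG5[187:89]: telnets accepted connection from 192.168.80.99:52521
12:20:26 LOG7[187:89]: SSL state (accept): before/accept initialization
12:22:33 LOG3[106:89]: Received signal 2; terminating
"""

LINE = re.compile(r"^>?\s*(\d\d:\d\d:\d\d) LOG(\d)\[(\d+:\d+)\]: (.*)$")
ACCEPTED = re.compile(r"^(\S+) accepted connection from (\S+)$")
SSL_STATE = re.compile(r"^SSL state \(accept\): (.*)$")
INITIAL = "before/accept initialization"


def stalled_handshakes(log_text):
    """Return accepted sessions whose only logged SSL state is the initial one."""
    sessions = {}  # bracketed log id -> session record (insertion-ordered)
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # skip anything that is not a stunnel log line
        when, _level, log_id, msg = m.groups()
        accepted = ACCEPTED.match(msg)
        state = SSL_STATE.match(msg)
        if accepted:
            sessions[log_id] = {"id": log_id, "service": accepted.group(1),
                                "peer": accepted.group(2), "accepted_at": when,
                                "states": []}
        elif state and log_id in sessions:
            sessions[log_id]["states"].append(state.group(1))
    # Stalled: the handshake was started but no later state was ever logged,
    # i.e. stunnel was still waiting for the client's first handshake message.
    return [s for s in sessions.values()
            if s["states"] and set(s["states"]) == {INITIAL}]


if __name__ == "__main__":
    for s in stalled_handshakes(SAMPLE_LOG):
        print(f"{s['accepted_at']} {s['service']} {s['peer']} [{s['id']}]: "
              f"handshake never left '{INITIAL}'")
```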


  2. Re: Getting stunnel 4.20 for OS/2 to work

    On Fri, 9 Nov 2007 17:41:18 UTC in comp.os.os2.apps, me@privacy.net wrote:

    > >[telnets]
    > >accept = 992
    > >connect = 192.168.80.1:23


    You've got a secure connection to something that doesn't talk SSL! You need
    stunnel at the other end too - configured in mirror fashion to accept connections
    inbound on port 992 (f.e.) and connecting to port 23 locally.

    --
    Trevor Hemsley, Brighton, UK
    Trevor dot Hemsley at ntlworld dot com

  3. Re: Getting stunnel 4.20 for OS/2 to work

    In , on 11/09/2007
    at 02:14 PM, "Trevor Hemsley"
    said:

    >On Fri, 9 Nov 2007 17:41:18 UTC in comp.os.os2.apps, me@privacy.net
    >wrote:


    >> >[telnets]
    >> >accept = 992
    >> >connect = 192.168.80.1:23


    >You've got a secure connection to something that doesn't talk SSL! You need
    >stunnel at the other end too - configured in mirror fashion to accept
    >connections inbound on port 992 (f.e.) and connecting to port 23
    >locally.


    Did I miss something? This config is not defined as a client, but as a
    server. The intent was to "reach out" to the telnet port over my LAN as
    opposed to running stunnel on the server itself. I did not see anything
    in the stunnel documentation saying server connections were limited to
    localhost. Does that limitation exist? If so, I am going to need to
    rethink my testing environment.

    The current test configuration was intended to operate as follows:

    192.168.80.99 - client running ZOC/SSH
    192.168.80.4 - stunnel server for SSH to forward to VMODEM on server
    192.168.80.1 - VMODEM pool for VM/ESA receiving telnet calls

    At present I can use the ZOC telnet device from either .99 or .4 to .1 and
    access the VMODEM access to VM/ESA fine.

    The intent is to provide encrypted access to the VM/ESA system using
    stunnel as an alternative to telnet over a VPN. The motivation is to
    permit access for a client whose only internet access is via proxy. As I
    have been unable to find a way to create a VPN over a proxy this is an
    approach I hope will address the problem. Of course if you can point me
    to a way to establish a VPN using a proxy I would be happy to be proven
    wrong. The firewall at this site does not support IPSec pass-thru, so the
    connection would need to use a proxy intermediary. In fact DNS service
    behind the firewall resolves only intranet, so no direct internet
    communication of any kind is supported.

    -- Dave
    -----------------------------------------------------------
    dhdurgeeverizonnet
    -----------------------------------------------------------

