Waterhouse
Member
Q: Can you run G@H behind a firewall?
A: 1) If your firewall supports SOCKS, G@H purports to support it and provides config options. But I couldn't make that work. Perhaps my company's firewall passes SOCKS only for certain port numbers.
2) I am currently ruuning G@H behind an HTTP only firewall, using HTTPort, thanks to a suggestion from poof. The config is not bad:
a) In ghclient.cfg, replace the line
server=vsp18.stanford.edu
with
server=127.0.0.1
Your original server name may be different - make a note of it (use your clipboard).
b) Fire up HTTPort. On the proxy tab, put in the name of your firewall proxy and port (probably 80). Under Bypass mode select "Remote host". On the Port Mapping tab, make a new mapping (call it Genome@home). Enter the following setting under the new mapping:
Local port: 10100 (this in from ghclient.cfg)
Remote host: vsp18.stanford.edu (this is from the "server=" in ghclient.cfg -
- it may be different for you)
Remote port: 10100 (again, from ghclient.cfg)
Unless you want them you can trash all the example mappings they give you.
c) Fire up HTTPort (on the Proxy tab hit Start). Fire up G@H and see if it connects. The HTTPort panel gives you some stats on the Port mapping tab.
This has worked pretty well for me, although since you're using a public proxy machine somewhere to do the reverse port translation, you're counting on its response, which has occasionally caused timeouts. But it seems reliable enough for this application. You can try changing the public server you use, from the list at HTTPort if you like to mess around. Good luck and happy tunneling.
A: 1) If your firewall supports SOCKS, G@H purports to support it and provides config options. But I couldn't make that work. Perhaps my company's firewall passes SOCKS only for certain port numbers.
2) I am currently ruuning G@H behind an HTTP only firewall, using HTTPort, thanks to a suggestion from poof. The config is not bad:
a) In ghclient.cfg, replace the line
server=vsp18.stanford.edu
with
server=127.0.0.1
Your original server name may be different - make a note of it (use your clipboard).
b) Fire up HTTPort. On the proxy tab, put in the name of your firewall proxy and port (probably 80). Under Bypass mode select "Remote host". On the Port Mapping tab, make a new mapping (call it Genome@home). Enter the following setting under the new mapping:
Local port: 10100 (this in from ghclient.cfg)
Remote host: vsp18.stanford.edu (this is from the "server=" in ghclient.cfg -
- it may be different for you)
Remote port: 10100 (again, from ghclient.cfg)
Unless you want them you can trash all the example mappings they give you.
c) Fire up HTTPort (on the Proxy tab hit Start). Fire up G@H and see if it connects. The HTTPort panel gives you some stats on the Port mapping tab.
This has worked pretty well for me, although since you're using a public proxy machine somewhere to do the reverse port translation, you're counting on its response, which has occasionally caused timeouts. But it seems reliable enough for this application. You can try changing the public server you use, from the list at HTTPort if you like to mess around. Good luck and happy tunneling.
