Firewall Properties Dialog

SecureCRT


The Firewall Properties dialog can be accessed by clicking on either the Add... or Edit... button on the Firewall category of the Global Options dialog.

Name

Enter unique name for this firewall. This name will be used in the Session Options dialog to specify the firewall for a given session.

Type group

Select the type of firewall that you are using from the list of firewalls that are supported by SecureCRT.

Parameters group

This group allows you to configure the parameters for the firewall Type that you selected above. The options in this group vary based on the Type selection. The supported firewalls are listed below:

    Generic/Telnet - Choose this option if you connect through a proxy server that uses a simple send/expect interface. Selecting this type will enable the Proxy prompt and Proxy command options described below.

    SOCKS Version 4

    SOCKS Version 5 (no authentication The process of verifying that an individual truly is who he or she claims to be. Supplying a password is a very common method of authentication. The most secure method of authentication supported in SecureCRT is public-key authentication. See also: identity file, public-private key pair. )

    SOCKS Version 5 (username/password) - If your firewall server is running either SOCKS version 4 or SOCKS version 5, select one of these types for the Type field. Enter the hostname or IP address of your SOCKS firewall server in the "Hostname or IP" field, and enter the SOCKS firewall port number in the "Port" field. The conventional port number for SOCKS is 1080.
The "username/password" version of the SOCKS firewall choices allows for firewall user authentication. The only method of authentication currently supported is the "Username/Password Authentication" protocol, which requires the username and password to be sent as clear text. Therefore, this method is not recommended for non-secure environments

    HTTP (no authentication) - This type allows your server to connect through an HTTP proxy server.

    HTTP (Basic username/password) - This type allows your server to connect through an HTTP proxy server that supports "Basic" authentication (this is an HTTP standard). "Basic" authentication sends usernames and passwords in the clear, therefore, this method is not recommended for nonsecure environments.

    OPEN host - Select this type if your firewall server requires the OPEN command. This type may be selected for the CSM proxy server. Also, enter the hostname and port of the firewall server in the appropriate fields.

    USER user@host:port - Select this type if your server is running the WinGate proxy server. Enter the hostname or IP address and port of the firewall server in the appropriate fields. This type may also be selected for use with the CSM proxy server. This type should also be used for the WinProxy proxy server. For this particular proxy server you may also need to have the Use outgoing data connections (PASV) option unchecked in the Connection/FTP category of the Session Options dialog.

    USER user@host port

    USER user@host port (with login) - Select these types if your server is running the TIS Internet Firewall Toolkit. Choose the first form if the firewall server does not require authentication. If your firewall server requires authentication, choose the second form. Also, enter the hostname or IP address and port of the firewall server in the appropriate fields.

    USER user@host login - This type will send the remote username and the server address followed by the firewall user ID. It then expects to send the password for the remote user and the password for the firewall user. This type should be used if your server is running the Raptor Firewall.
For this firewall type you will need to enter the username and password that is required by the firewall server to authenticate your connection A data path or circuit between two computers over a phone line, network cable, or other means. . Also, enter the hostname or IP address and port of the firewall server in the appropriate fields.

Hostname or IP

Enter the hostname or IP address of the machine to which you want to connect.

Port

Enter the port to which you want to connect. For a SOCKS firewall, this is usually 1080.

Username

Enter the username for this connection.

Password

Enter the password for this connection.

Proxy prompt

This option applies only if you have selected Generic/Telnet proxy as your firewall Type.

Enter the prompt that SecureCRT can expect to receive from the generic/Telnet proxy. For example, to use the TIS Firewall toolkit, the prompt would be:

tn-gw>

For WinGate, the prompt would be:

WinGate>

Proxy command

This option applies only if you have selected Generic/Telnet proxy as your firewall Type.

Enter the connect or open command that SecureCRT needs to send to the generic/Telnet proxy. For example, to use the TIS Firewall toolkit, the command would be:

c %h % p\r

For WinGate, the command would be:

%h % p\r\n

The SSH SSH is an acronym for the Secure Shell protocol. A communications protocol used to encrypt network traffic between a client and a server. protocol imposes some special constraints on what firewall software can be used. SSH does work with SOCKS firewalls. SSH does not work with generic firewalls that are not 8-bit clean or that modify the contents of the data stream. SSH cannot be used through the TIS tn-gw generic proxy.