Firewall Properties
Dialog
The Firewall Properties dialog can be accessed by clicking on either the Add... or Edit... button on the Firewall category of the Global Options dialog.
Name
Enter unique name for this firewall. This name will be used in the Session Options dialog to specify the firewall for a given session.
Type group
Select the type of firewall that you are using from the list of firewalls that are supported by SecureCRT.
Parameters group
This group allows you to configure the parameters for the firewall Type that you selected above. The options in this group vary based on the Type selection. The supported firewalls are listed below:
• Generic/Telnet - Choose this option if you connect through a proxy server that uses a simple send/expect interface. Selecting this type will enable the Proxy prompt and Proxy command options described below.
• SOCKS Version 4
• SOCKS Version 5 (no authentication The process of verifying that an individual truly is who he or she claims to be. Supplying a password is a very common method of authentication. The most secure method of authentication supported in SecureCRT is public-key authentication. See also: identity file, public-private key pair. )
• SOCKS
Version 5 (username/password) - If your firewall server is running
either SOCKS version 4 or SOCKS version 5, select one of these types for
the Type field. Enter the hostname or IP address
of your SOCKS firewall server in the "Hostname or IP" field,
and enter the SOCKS firewall port number in the "Port" field.
The conventional port number for SOCKS is 1080.
The "username/password" version
of the SOCKS firewall choices allows for firewall user authentication.
The only method of authentication currently supported is the "Username/Password
Authentication" protocol, which requires the username and password
to be sent as clear text. Therefore, this method is not recommended for
non-secure environments
• HTTP (no authentication) - This type allows your server to connect through an HTTP proxy server.
• HTTP (Basic username/password) - This type allows your server to connect through an HTTP proxy server that supports "Basic" authentication (this is an HTTP standard). "Basic" authentication sends usernames and passwords in the clear, therefore, this method is not recommended for nonsecure environments.
• OPEN host - Select this type if your firewall server requires the OPEN command. This type may be selected for the CSM proxy server. Also, enter the hostname and port of the firewall server in the appropriate fields.
• USER user@host:port - Select this type if your server is running the WinGate proxy server. Enter the hostname or IP address and port of the firewall server in the appropriate fields. This type may also be selected for use with the CSM proxy server. This type should also be used for the WinProxy proxy server. For this particular proxy server you may also need to have the Use outgoing data connections (PASV) option unchecked in the Connection/FTP category of the Session Options dialog.
• USER user@host port
• USER user@host port (with login) - Select these types if your server is running the TIS Internet Firewall Toolkit. Choose the first form if the firewall server does not require authentication. If your firewall server requires authentication, choose the second form. Also, enter the hostname or IP address and port of the firewall server in the appropriate fields.
• USER
user@host login - This type will send the remote username and the
server address followed by the firewall user ID. It then expects to send
the password for the remote user and the password for the firewall user.
This type should be used if your server is running the Raptor
Firewall.
For this firewall type you will need to enter the username and password
that is required by the firewall server to authenticate your connection A data path or circuit between two computers over a phone line, network cable, or other means.
. Also, enter the hostname or IP address and port of the firewall server
in the appropriate fields.
Hostname or IP
Enter the hostname or IP address of the machine to which you want to connect.
Port
Enter the port to which you want to connect. For a
SOCKS firewall, this is usually 1080.
Username
Enter the username for this connection.
Password
Enter the password for this connection.
Proxy prompt
This option applies only if you have selected Generic/Telnet
proxy as your firewall Type.
Enter the prompt that SecureCRT can expect to receive from the generic/Telnet proxy. For example, to use the TIS Firewall toolkit, the prompt would be:
tn-gw>
For WinGate, the prompt would be:
WinGate>
Proxy command
This option applies only if you have selected Generic/Telnet
proxy as your firewall Type.
Enter the connect or open command that SecureCRT needs to send to the generic/Telnet proxy. For example, to use the TIS Firewall toolkit, the command would be:
c %h % p\r
For WinGate, the command would be:
%h % p\r\n
The SSH SSH is an acronym for the Secure Shell protocol. A communications protocol used to encrypt network traffic between a client and a server. protocol imposes some special constraints on what firewall software can be used. SSH does work with SOCKS firewalls. SSH does not work with generic firewalls that are not 8-bit clean or that modify the contents of the data stream. SSH cannot be used through the TIS tn-gw generic proxy.