how to allow remote access for multiple IPs?

Discussion in 'Tomato Firmware' started by tomatensauce, Feb 13, 2009.

  1. tomatensauce

    tomatensauce LI Guru Member

    I'd like to restrict remote access to tomato to certain IPs - although more than one, but unfortunately they are not in the same subnet.

    So it is obvious, that tomato supports this by entering an IP in the "Remote Web/SSH Admin Restriction" field in "Administration" -> "Admin Access". This field seems to accept either a single IP, a whole subnet or an IP range.

    I tried to enter two single IPs, separated by a comma, but it complained that it was invalid. Is there a way to do this?
  2. nsmith

    nsmith Addicted to LI Member

    I seemed to get it working with a script, but I am no expert so YMMV. I turned off the ssh demon in the GUI and put the following in the firewall script:

    You just need to change the 111.222.333.444 to the IP address of the machine you are running ssh from. You can then repeat the last line with other IP addresses. Also starting dropbear with the -a switch permits ssh tunneling.
  3. nsmith

    nsmith Addicted to LI Member

    Playing with this a little more I can only get it to work correctly after a reboot by starting with a 10 second sleep (sleep 10s) before the rest of the above script. There must be a better synchronize but I done know what it is.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice