[jcifs] Can jCIFS be used to work over a secure tunnel?

Mohan Radhakrishnan mohanr at fss.co.in
Thu Aug 4 01:44:23 MDT 2011 

We did read up a bit on IPSec in the past but haven't implemented it. I
am replying because we use JCIFS and sometimes SSH ( requires the server
and a client ) to communicate between systems.

Our problem was that we initially thought systems in the DMZ could use
OpenSSH to communicate with internal systems over the SSH port instead
of the usual 445 required by SMB/TCP. This problem though is solved by a
secure DMZ reverse proxy. 

I think JCIFS over IPSec could be an alternate solution.

Thanks,
Mohan

-----Original Message-----
From: jcifs-bounces at lists.samba.org
[mailto:jcifs-bounces at lists.samba.org] On Behalf Of Sai Pullabhotla
Sent: Wednesday, April 13, 2011 8:43 PM
To: jcifs at lists.samba.org
Subject: Re: [jcifs] Can jCIFS be used to work over a secure tunnel?

Thanks Giampaolo, for the reply.

I personally do not have much experience with the IPSec, I'm just a
Java programmer. I was asked to find out if jCIFS can be used over a
secure channel. I read somewhere that IPSec could the trick (because
it works at the lower layers of the TCP stack, rather than the
application layer), but I'm not aware of what setup it requires on the
server and the clients. My little research on the Internet revealed
that the Client system and Server system require some configuration
changes for IPSec to work. Is this correct? I also read some posts on
the Internet where some people were using SSH tunnels. I think this
also requires special configuration/apps on server and client systems.
At this point, I'm trying to determine if any one has successfully
used jCIFS over IPSec or any other secure channel. Eventually, I will
have to try this out, but if some one already tried this, I'm curious
to know the results.

Any feedback is greatly appreciated.

Thanks.
Sai Pullabhotla


On Wed, Apr 13, 2011 at 9:17 AM, Giampaolo Tomassoni
<Giampaolo at tomassoni.biz> wrote:
>
> > From: jcifs-bounces at lists.samba.org
[mailto:jcifs-bounces at lists.samba.org]
> On Behalf Of Sai Pullabhotla
> >
> > Can some one shed some light on whether or not jCIFS can
> > be used over a secure channel (perhaps IPSec)?
> >
> > Thanks.
> >
> > Sai Pullabhotla
>
> jCIFS uses IP packets. Mostly TCP/IP ones. As long as these can get
through
> an IPSEC channel I don't see why it should't work.
>
> What is the matter? Are you having troubles with jCIFS-over-IPSEC?
>
> Giampaolo
>

More information about the jCIFS mailing list