Hi Terry, More questions, including based on your reply to me in the other branch of the thread.
> The Trustees are very concerned that machines in the Office are not > exposed to the Internet. > > This link shows the setup: > > https://wmtprojectsforum.altervista.org/forum/viewtopic.php?p=3502#p3502 Clearly, the office computers are exposed to the Internet. :-) Does WMT's office router have a static IP address when viewed from the Internet? Can an office computer reach a river-system Pi, i.e. does the railway-room's Pi route packets between eth1 and eth0? The office router probably provides a VPN. Perhaps it can be configured so only the railway-room Pi and beyond is accessible, especially if they have a different private network address than the office. Who configures the office router? How are you expecting a VPN to work? A home user will contact WMT's static IP address on a particular port, expecting the office-router to forward those packets to r-r Pi? The same would be required for SSH access. Does r-r's Pi SSH server currently listen on both eth0 and eth1 interfaces? -- Cheers, Ralph. -- Next meeting: Online, Jitsi, Tuesday, 2020-07-07 20:00 Check to whom you are replying Meetings, mailing list, IRC, ... http://dorset.lug.org.uk New thread, don't hijack: mailto:dorset@mailman.lug.org.uk
