SSH Port Forwarding Tunnels

This is a handy trick to view pages directly on a web server running on a machine that is behind a firewall and not connected directly to the Internet. I used to use this to connect to machines in my lab at work. They could connect to the Internet through a gateway, proxy server or somesuch, but you couldn’t connect directly to them from outside… but you could connect to the gateway from outside.

Let’s assume your gateway is a machine called “” and it is connected to a LAN with a network address of  If you’re on a Linux box, you can create your tunnel like this:

ssh -L 8080:

What this means:


– make a secure shell connection to the gateway, where you will log in as “username”. Presumably this is no great mystery.

-L 8080:

-L means forward a Local Port, in this case 8080, which is forwarded to port 80 on the machine with IP address

When you hit enter you connect to machine over SSH, give your passwd and log in.

You would now point your browser at http://localhost:8080 to see the web site on


Can I do that with windows, say with PuTTY?


1. In your PuTTY session settings put the address of the machine that you wish to secure shell to, in this case


2. Now switch to the SSH/Tunnels dialogue and put the Local port number (8080 in this case) into the Source Port field and put the destination address and the destination port in the the Destination field.


3. Hit the Add button to add these settings to the session.


4. Note: If the machine that you are tunneling through can resolve the names of the machines on the remote LAN, you can specify the destination as a hostname:port combination as shown above.


Gheorghiu, G.,, 2006. SSH tunnelling with PuTTY. [Online] Available at: [Accessed 1 November 2009].

Tatham, S., 2009. PuTTY User Manual. [Online] available at: [Accessed 1 November 2009].

Flickenger, R., 2003. Linux Server Hacks. 1st ed. O’Reilly.


This entry was posted in Linux Stuff, Reminders. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s