SSH Port Forwarding Tunnels

This is a handy trick to view pages directly on a web server running on a machine that is behind a firewall and not connected directly to the Internet. I used to use this to connect to machines in my lab at work. They could connect to the Internet through a gateway, proxy server or somesuch, but you couldn’t connect directly to them from outside… but you could connect to the gateway from outside.

Let’s assume your gateway is a machine called “something.somewhere.com” and it is connected to a LAN with a network address of 192.168.200.0/24.  If you’re on a Linux box, you can create your tunnel like this:

ssh username@something.somewhere.com -L 8080:192.168.200.10:80

What this means:

ssh username@something.somewhere.com 

– make a secure shell connection to the gateway, where you will log in as “username”. Presumably this is no great mystery.

-L 8080:192.168.200.10:80

-L means forward a Local Port, in this case 8080, which is forwarded to port 80 on the machine with IP address 192.168.200.10

When you hit Enter, you connect to the something.somewhere.com machine over SSH, give your password and log in.

You would now point your browser at http://localhost:8080 to see the web site on 192.168.200.10.
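One thing worth checking before you open a tunnel is who else can reach the forwarded port. The script below is an added example, not part of the original post: it classifies the listener that a -L argument creates, using the [bind_address:]port:host:hostport format from ssh(1). The function names forward_scope and is_port are made up for this example, and it assumes GatewayPorts is left at its default of "no", TCP forwards only, numeric ports and no bracketed IPv6 addresses.

```shell
#!/bin/sh
# Added example: classify the listener that an `ssh -L` argument creates.
# Spec format per ssh(1): [bind_address:]port:host:hostport
# Output: loopback | all-interfaces | specific:<addr> | invalid
# Assumptions: GatewayPorts is at its default (no); TCP forwards only;
# numeric ports only; bracketed IPv6 is reported as invalid, not parsed.

is_port() {
    case $1 in
        ''|*[!0-9]*|??????*) return 1 ;;   # empty, non-digit, or too long
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

forward_scope() {
    case $1 in
        *'['*|*']'*) echo invalid; return 0 ;;
    esac
    old_ifs=$IFS
    IFS=:
    set -f              # no globbing while splitting: a bind of '*' is legal
    set -- $1           # split on ':'; a leading ':' yields an empty first field
    set +f
    IFS=$old_ifs
    case $# in
        3) bind=__default__; lport=$1; host=$2; rport=$3 ;;
        4) bind=$1; lport=$2; host=$3; rport=$4 ;;
        *) echo invalid; return 0 ;;
    esac
    if ! is_port "$lport" || ! is_port "$rport" || [ -z "$host" ]; then
        echo invalid; return 0
    fi
    case $bind in
        __default__|localhost|127.0.0.1) echo loopback ;;     # only this machine
        ''|'*'|0.0.0.0) echo all-interfaces ;;  # anyone who can reach this machine
        *) echo "specific:$bind" ;;             # bound to one named address
    esac
}

# Constructed sample arguments; the first is the tunnel used on this page.
for spec in 8080:192.168.200.10:80 127.0.0.1:8080:192.168.200.10:80 \
            '*:8080:192.168.200.10:80' 0.0.0.0:8080:192.168.200.10:80; do
    printf '%-36s %s\n' "$spec" "$(forward_scope "$spec")"
done
```

Anything reported as all-interfaces means other hosts on your own network can browse to the lab web server through your machine, which is rarely what you want for a tunnel into a firewalled LAN.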

——————————–

Can I do that with Windows, say with PuTTY?

Yes.

1. In your PuTTY session settings put the address of the machine that you wish to secure shell to, in this case something.somewhere.com

 

2. Now switch to the SSH/Tunnels dialogue and put the local port number (8080 in this case) into the Source Port field, and put the destination address and the destination port in the Destination field.

 

3. Hit the Add button to add these settings to the session.

 

4. Note: If the machine that you are tunneling through can resolve the names of the machines on the remote LAN, you can specify the destination as a hostname:port combination.
