This is a discussion on Re: X-like Port Forwarding - openssh ; I had the difficult task of trying to port forward some traffic that was blocked in the firewall. Using putty on my local host I am able to tunnel (5900, 1044, and 1045) traffic to the remote host. My situation: ...
I had the difficult task of trying to port forward some traffic that was
blocked in the firewall. Using putty on my local host I am able to
tunnel (5900, 1044, and 1045) traffic to the remote host.
MyPc on Intranet -> /FW/ -> Hop box -> /FW/ -> Desired/Network ->/FW/ =>
Here is an outline of what needs to be done.
IN putty go to the tunnels section:
SOURCE PORT: 5900
In the upper box you should not have a line that looks like
Do the same for EACH port that you have to forward. Now go to
the SSH section. IN the line that states Remote Command put something
like the following:
ssh -NL 15900:Final_destination:5900 -L 1180:final_destination:80
It is IMPORTANT that the ports in the ssh -NL line match that what was
used in the Tunnel section, as well you might want to have SSH keys
setup so that you do not have to log into the systems. I also have on
the configuration page a HOP/JUMP server that can talk to
now point your traffic to local host after you started the SSH session
and you are good to go. You can not have ports duplicated because the
port is in use and if you are not root the Listen port needs to be
grater than 1024 unless your OS lets you open the privileged ports.
I hope this helps.
Now do not use this to bypass a corporate firewall to get to porno
sites, or other sites that would violate your company policies.
If more concise details are needed just ask I will provide what I can.
On Thu, 2007-08-09 at 19:31 -0700, Robert Hajime Lanning wrote:
> For X, ssh should setup the whole thing itself. It actually makes a
> virtual X server
> on the server side and proxies things across, taking care of
> authentication issues.
> Your $DISPLAY would be something like "localhost:10".
> Use the "-X" option.
> For other port forwarding, your syntax is correct. You just need to
> have whatever
> program connect to localhost, not your client machine.
> On 8/8/07, Charles Ritter
> > Hello,
> > Does SSH support forwarding miscellaneous ports between two firewalled
> > hosts? My scenario is this:
> > 12345-| |-12345
> > MyPC |---------------22-| Server
> > 6000-| |-6000
> > Forwarding 12345 on server to MyPC:
> > ssh -R 12345:mypc:12345 server
> > This seem to work as long as mypc can be resolved by the server.
> > However, it does not work when mypc is NAT'd and unresolvable.
> > Shouldn't it work though? Considering I initiated the connection,
> > shouldn't the remote server be able/willing to send the data? X11
> > forwarding works in this case, and with a much simpler syntax:
> > ssh -Y server
> > Shouldn't something like this work in this case:
> > ssh -R 12345:localhost:12345 server
> > ssh -R 12345::12345 server
> > ssh -R 12345 server
> > Am I missing something?
> > Thanks
> > Chuck