I have a PC which has a Public IP.It is a webserver but it is not a proxy server.I want to be able to do an ssh to the machines which are behind this webserver on LAN in one step.

Right now I do an SSH to this webserver and then do an SSH to any other machine on my LAN how can I do it in one step.

You'll likely want to setup some kind of port forwarding pseudo-proxying. Check out this article, its a bit old but generally relevant.

http://tldp.org/HOWTO/IP-Masquerade-...orwarders.html

You could make a script that first connects via SSH to the webserver in the background, with port forwarding configured to make connections to the interior machine's SSH port. Then it would start a 2nd SSH towards the forwarded port on the local host, which will get carried through the first SSH's forwarding and connect to the interior machine. If there are many interior machines, this can get more complicated. I have something similar set up, in reverse (connections come out to let me go in), done through cron jobs.

Thank you all for your support.I found this article useful
http://www.debian-administration.org/articles/73
Ya portforwarding via IPTABLES is required.
and this post was also helpful after I got a clue to forward ports
http://www.linuxforums.org/forum/lin...orwarding.html

If some one comes for the same problem here
It should be some thing like this
The destination and ports will change according to your internal setup.The above IPTABLE rule will be used on the machine that is your router or Gateway.To forward a request coming on port 3000 on router to a machine internal 192.168.1.9 at port 22 where SSH runs.
192.168.1.9 is the IP of internal machine which I want to access from internet via outside.I have used port 3000 you can use any from 1024 onwards.
Suppose you are at a coffee shop outside and you want to access your machine behind the router
you will do
The following article is also useful

2 members found this post helpful.