LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices



Reply
 
Search this Thread
Old 05-19-2008, 05:16 AM   #1
dannyk1
Member
 
Registered: Aug 2004
Location: Geelong, Vic Australia
Distribution: Gentoo, Ubuntu,and sometimes something from billy gates (when Im desperate)
Posts: 179

Rep: Reputation: 31
ssh tunnel wont work over the internet


Hi. I have been practicing ssh tunneling on my home network with great success.

I can run vnc and squid all over the one port to a gentoo box from both linux and windows machines (using putty).

The trouble starts when I try to do this from the internet.

Away from my network I only have access to Winxp machines so I have been trying to tunnel in with putty.

Putty will connect every time and I have full use of my shell, but I cannot run anything else through the tunnel (vnc, squid).

I am setting the tunnel up the same way as on my local network which works without a problem.

My network connects to the internet via a Netcomm NB5Plus4 DSL Modem.
I dont see how the firewall could be blocking the connection as putty still connects with a working shell, but nothing else will go down the tunnel..

Any suggestions???

Thanks Danny.

ps. I have tried to access this from several different remote locations using different Isp's.
 
Old 05-19-2008, 05:49 AM   #2
Nathanael
Member
 
Registered: May 2004
Location: Karlsruhe, Germany
Distribution: debian, gentoo, os x (darwin), ubuntu
Posts: 940

Rep: Reputation: 32
split the portforwarding on your router so that port 22 goes to a linux box.

(in all honesty, i would not forward all ports to a windows machine! way to insecure)
 
Old 05-19-2008, 05:54 AM   #3
dannyk1
Member
 
Registered: Aug 2004
Location: Geelong, Vic Australia
Distribution: Gentoo, Ubuntu,and sometimes something from billy gates (when Im desperate)
Posts: 179

Original Poster
Rep: Reputation: 31
Thats the way I have done it, but not port 22

I have a different port on the linux box listening and the router forwards that port only to that machine.

No other ports are open on the router.

The port forward works because I can ssh in from the internet using putty, I just can't get tunneling to work.
 
Old 05-19-2008, 05:57 AM   #4
Nathanael
Member
 
Registered: May 2004
Location: Karlsruhe, Germany
Distribution: debian, gentoo, os x (darwin), ubuntu
Posts: 940

Rep: Reputation: 32
then what are you trying to forward? ports < 1024 will require root privileges
 
Old 05-19-2008, 06:00 AM   #5
dannyk1
Member
 
Registered: Aug 2004
Location: Geelong, Vic Australia
Distribution: Gentoo, Ubuntu,and sometimes something from billy gates (when Im desperate)
Posts: 179

Original Poster
Rep: Reputation: 31
That might be my problem. I am trying to go above that.

I would rather use a port other than 22 as constant idiot attempts in my logs are a pain.

I play with a lower port and see how things go.

Thanks for the quick replies.

Last edited by dannyk1; 05-19-2008 at 06:17 AM.
 
Old 05-21-2008, 04:07 AM   #6
dannyk1
Member
 
Registered: Aug 2004
Location: Geelong, Vic Australia
Distribution: Gentoo, Ubuntu,and sometimes something from billy gates (when Im desperate)
Posts: 179

Original Poster
Rep: Reputation: 31
Still no go. I tried to set it up for a much lower port, and as before, I can putty into a shell but vnc wont connect.

I dont think root privileges is an issue as am getting a working shell and on the local network, it works without a problem.

Could it be something with the router?
Port forward is working as the shell connects and is very usable.

Any suggestions would be great.
 
Old 05-21-2008, 04:14 AM   #7
Nathanael
Member
 
Registered: May 2004
Location: Karlsruhe, Germany
Distribution: debian, gentoo, os x (darwin), ubuntu
Posts: 940

Rep: Reputation: 32
lets get this clear

tunneling a port lower 1024 requires root privileges (i.e. you must ssh into the linux box as root)
anything above 1024 is no issue

you setup putty to do a local forwarding (vncportip of host or 'localhost'):vncport) then connect vnc to localhost:vncport
 
Old 05-21-2008, 04:22 AM   #8
dannyk1
Member
 
Registered: Aug 2004
Location: Geelong, Vic Australia
Distribution: Gentoo, Ubuntu,and sometimes something from billy gates (when Im desperate)
Posts: 179

Original Poster
Rep: Reputation: 31
Thats right..

setting up the tunnel from another linux box I found I had to set up the tunnel something like

ssh -L 5901:192.168.1.15:5900 user@192.168.1.15 -p 7777

then connect using

vncviewer localhost:5901 or 127.0.0.1:5901



From a winxp machine using putty setup similar thing but I can usually keep 5900 for source and destination (but I also tried different combinations)

and connect localhost:5900 or 127.0.0.1:5900

From inside my local network, everything works fine.
From outside (at my works computer or at mums house) the shell connects but nothing else will

I have also been testing with squid on 3128 with similar results.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
ftp over ssh tunnel; ftp refuses to work jakykong Linux - Networking 16 10-16-2011 08:34 AM
SSH tunnel doesn't work on local install, works on livecd depper Linux - Networking 3 10-17-2007 04:06 AM
why wont my internet work? jonny_fun Linux - Networking 3 05-01-2006 01:59 PM
Tunnel all internet traffic through a ssh connected remote computer Bateman Linux - Networking 12 12-10-2004 06:53 AM
why wont my internet work? jimthing2001 Linux - General 2 01-06-2004 09:14 AM


All times are GMT -5. The time now is 02:33 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration