Interesting routing via ssh tunnels.
I have been attempting recently to gain remote access to a machine behind a firewall. The trick is this: the machine I need access to is behind a firewall, and in that firewall the only known hole is to a different machine via ssh. I was able to set up an iptables rule to forward the port I needed to the unreachable machine, and I thought it would be a simple matter of using an ssh forwarding rule to get to this machine and allow iptables to take over. So what I have now is an ssh rule:

ssh -L1700:localhost:1700 remote

This begins the forwarding from my machine to the reachable inside. Then the iptables rule looks like this:

iptables -A FORWARD -s 0/0 -i eth0 -d unreachable -o eth0 -p TCP --sport 1700 --dport 1700 -j ACCEPT

This should let me connect as such:

local -> ssh tunnel -> remote -> forward -> unreachable

The problem is that it works inside, but not when I am outside of the firewall. I was under the impression this would solve all of my problems. I'm open to suggestions, and if more info is needed (I think I covered it all) I will provide it.

Thanks in advance,
Alunduil
You can always have the unreachable machine connect to you using SSH and set up a reverse tunnel that you can then connect to on your local machine.
On the unreachable machine run this.
Code:
ssh -R 1080:unreachable:22 user@reachable
Code:
ssh -p 1080 user@localhost
The true problem I guess I forgot to mention was that unreachable AFAIK only has the one port open running a license manager server. This server is what I need to get to, and I have no rights on it. Not even piddly user rights through a web interface. I have to just get my packets to the machine and back, but don't know a way to do this. Thanks for the suggestion, it's just not feasible.
Thanks,
Alunduil