SSH Tunnel not working... "Administratively Probihited..."

nsanity · 01-03-2004, 08:14 AM

I'm trying to access some stuff behind a router, and the only access I have is port 22 and 23. I really need to open up ports, but if you have ever configured a linksys or smc router with links you are missing a lot of fun (not to mention aggravation). I want to be able to connect to port 4000 and have it forward remotely through the router to the router. My command line at the moment looks like:

ssh -2 -p 22 -l root -R 20000:192.168.2.1:80 -n remote.box

I also tried ssh tunneling to a local port:

ssh -L 16000:remote.box:80 remote.box

And then running netcat to tunnel the connections to the router on the other side, but alas... when I did that I got the following message:

debug1: channel 2: net [direct-tcpip]
channel 2: open failed: administratively prohibited: open failed
debug1: channel 2: free: direct-tcpip: listening port 16000 for remote.box port 2000, connect from 127.0.0.1 port 32807, nchannels 3

I am almost thinking there is a configuration error or something, but I have never had a problem port forwarding before. Any help is greatly appreciated.

david_ross · 01-03-2004, 12:51 PM

I'm not sure why you are using net cat and not just ssh. Can you clarify a bit?

nsanity · 01-03-2004, 01:04 PM

I was just experimenting... trying to get it to work. I hadn't messed with it using the -R command line option..

david_ross · 01-03-2004, 01:25 PM

Ok - If it is as I think, you can do it without netcat at all - am I right with the following:

Code:

 _____     ________                _________     ______
|     |   |        |              |         |   |      |
| You |---|Router 1|--{Internet}--| Router2 |---|Server|
|_____|   |________|              |_________|   |______|

You want to ssh to linux router 2 which has the public IP and connect to port 80 on Server (192.168.2.1). Then when you connect to http://lcoalhost:4000 you get the web page from Server?