Build ssh tunnels between two MSCS clustered virtual IP addresses & two SQL virtual IP

Posted on 2012-09-13
Last Modified: 2012-12-02
I have a pair of MS SQL 2008 clustered using MSCS servers
at datacenter A & another pair at a remote datacenter M.

For illustration purpose,  let's call the
- SQL cluster IP addr at DC A,   a.b.c.d  (not the MSCS cluster IP but SQL IP)
- SQL DTC IP addr at DC A,        e.f.g.h  (used by MS DTC)
- SQL cluster IP addr at DC M, m.n.p.q (not the MSCS cluster IP but SQL IP)
- SQL DTC IP addrat DC M,        r.s.t.u

Firewall rules for ssh is permitted for Tcp22 in both directions.

I have an ssh server (WinSSHD) running/listening at m.n.p.q & r.s.t.u.

If I have putty ssh client at a.b.c.d & e.f.g.h, how can I build an ssh
tunnel from a.b.c.d to m.n.p.q  and from e.f.g.h to r.s.t.u ?

Reason for building this tunnel is I have an urgent need to have
Tcp135 & a couple other Tcp ports to be transported over but it
takes 2 weeks for new firewall requests to be approved+implemented.

Note that all IP addresses above are virtual IP addresses on the
MS SQL 2008 servers
Question by:sunhux

    Author Comment

    & by building the ssh tunnels, I'll still need existing traffic of
    Tcp 1433 to be able to go thru via the usual channel (not thru
    the tunnel) ie from a.b.c.d to m.n.p.q
    LVL 51

    Assisted Solution

    are you aware that at least one end of the tunnel cannot be i.e. port 135?
    if so, can you please specify which server A or M is the one where to forward (tunnel) port 135 over ssh
    for example: do you want that a user/process on A connects to localhost:1135 which is tunneld to M:135

    Author Comment

    User in server A to be able to issue "telnet M_server_IP 135"
    (& the packets that originate from user in A will show the
     source IP address of server A)

    Do we need additional IP address to be assigned to both
    tunnel ends?

    Author Comment

    Rather than user/process, it's actually MS SQL client (in server A) &
    MS SQL server 2008 (in server M)
    LVL 51

    Assisted Solution

    > User in server A to be able to issue "telnet M_server_IP 135"
    for that you don't need a tunnel, as M is already listening on 135

    where is you problem with
       telnet M_server_IP 135

    Author Comment

    >where is you problem with     telnet M_server_IP 135
    There's currently no firewall rule permitting Tcp 135 from A to M
    but there's a firewall rule for Tcp22 (ssh) from A to M.

    I'll need my SQL client (running in A) to be able to send traffic
    to M (on Tcp port 135)
    LVL 51

    Accepted Solution

    on A% ssh -L 4235:M:135 user@M
    on A% telnet M 4235

    a bit more secure:
    on A% ssh -L localhost:4235:M:135 user@M

    Author Comment

    I'm not on Linux/UNIX,  I'm on Windows 2008, so ssh command
    is not applicable in my case.  Can you give the steps needed to
    set this up, say, using putty

    Author Closing Comment

    What's required is for Windows environment, not Linux/Unix

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Free Trending Threat Insights Every Day

    Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

    Secure Shell (SSH) is a network protocol for secure data communication, mainly used to administer remote Unix / Linux servers via command line. But it also allows the user to open a secure tunnel between a client and a server where he can send any k…
    This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
    Viewers will learn how the fundamental information of how to create a table.
    Viewers will learn how to use the UPDATE and DELETE statements to change or remove existing data from their tables. Make a table: Update a specific column given a specific row using the UPDATE statement: Remove a set of values using the DELETE s…

    760 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    7 Experts available now in Live!

    Get 1:1 Help Now