Solved

SSH port forwarding

Posted on 2014-10-24
3
360 Views
Last Modified: 2014-10-27
Right now I have a remote site that is blocked by a firewall and currently SSHing into the network via putty and port forwarding my VNC traffic through so I only have one port (22) open to the world (Internal network:192.168.2.0/24).  I now have a camera system that has an ip on a separate vlan (192.168.1.0/29).  I am able to get to the camera from the internal network to the video lan.  I get to the camera system via IP 192.168.1.2:3000 via a browser.  I want to be able to start an SSH session and open a browser and hit that address.  Is there a way to set this port forwarding up in putty to where I can open that session.  My SSH server is on the 192.168.2.0/24 network.  Any help is appreciate.
0
Comment
Question by:nagit
3 Comments
 
LVL 28

Accepted Solution

by:
Jan Springer earned 250 total points
Comment Utility
Yes, proxy all of your http traffic through your ssh tunnel.  

ssh -D 8080 USER@PUBLIC_IP -fN

where USER = is your ssh username
where PUBLIC_ip = is your ssh destination

In your browser, configure a SOCKS proxy using "localhost" as your SOCKS host and port 8080
0
 
LVL 35

Assisted Solution

by:mccarl
mccarl earned 250 total points
Comment Utility
The fact that you can reach 192.168.1.2:3000 with a browser on your internal network means that you should be able to reach that same address from your SSH server which is on the same network. Therefore, you should just be able to setup another port forwarding rule in Putty. It would be configured with "Source port" = whatever (you could use 3000 same as the cam) and "Destination" = "192.168.1.2:3000". Then from the machine that you are running putty (ie. external to your private networks), start the putty session and then browse to "localhost:3000" (or whatever port you picked as the Source port) and hopefully it works. This is how I do it with my camera, and it works because all the communication happen via that same port. If you camera is different and uses more than one port, the above may not work, but see how you go.
0
 

Author Closing Comment

by:nagit
Comment Utility
Thank you guys both worked just out.
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now