How to enable ssh remote port forwarding

is there a way I can enable 'remote port forwarding using ssh' inside the VPN and then access to that bypassing the VPN?

Basically I have a system inside VPN and I want to access it without going through VPN. It's irritating to login via VPN everytime to access it
beer9Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

arnoldCommented:
First you have to make sure the option is enabled on the ssh server side, /etc/ssh/sshd_config

Allowforwarding yes.

Now depending on which direction you want
From the connecting system to a system on the remote LAN system, you would use the -L localport:remotehosttobeaccessed:remoteport (localhost implied)

If you want a remote system to be able to access back through the VPN a local system, -R .........
savoneCommented:
I do not think arnold is understanding your question fully.

The answer is no, you can not bypass you VPN by forwarding anything on your Linux system, unless your network team is an absolute mess.

Chances are your company or sysadmin setup VPN for security purposes.  You should not try to circumvent that security.   There is most likely a firewall between your Linux system and the outside world and ports would have to be open on said firewall to allow you outside access bypassing the VPN.
arnoldCommented:
savone, it depends on how you interpret the question.  If an SSH connection is available outside the VPN and that is what the person wants to use, the server configuration is required to make sure port forwarding over SSH is available.

If ssh is only accessible via VPN, than no matter what changes the person makes to the ssh server, the VPN must be present for the ssh connection to work.
Become a Certified Penetration Testing Engineer

This CPTE Certified Penetration Testing Engineer course covers everything you need to know about becoming a Certified Penetration Testing Engineer. Career Path: Professional roles include Ethical Hackers, Security Consultants, System Administrators, and Chief Security Officers.

beer9Author Commented:
if there is a firewall between me and ssh then can I use port 80 to do ssh login? I am sure firewall will allow port 80 and 443.
arnoldCommented:
What are you trying to do?  It is one thing to use a different mechanism to access a set of resources, it is completely another if you are trying to circumvent .......
jmcgOwnerCommented:
If port 80 or 443 are open, it's normally because there's a webserver listening on those ports. If there's a webserver listening, then it won't let you use ssh to login on those ports.

If the firewall is carelessly leaving those ports open without there being a webserver listening -- and IF you can get an sshd service running on the server to listen to those ports -- THEN you could use it for ssh login.

The assignment of ports to services is entirely convention; if both sides of the conversation choose to ignore convention, then they can agree to collude and use the port for some unconventional purpose.

=====

But this is a digression. I agree with Savone: It sounds like you are desiring to circumvent -- as a matter of your own convenience -- a security feature set up to protect this server. Better to focus your efforts on finding tools that will reduce the inconvenience of using a VPN. It may well be possible to automate most of the VPN connection setup so that it is much less of an annoyance.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
SSH / Telnet Software

From novice to tech pro — start learning today.