ssh reverse proxy to enable remote access behind a LAN and firewall

So say you are behind a typical NAT/LAN setup whether at home, work or while travelling.  What if you have a computer or server that you need to connect to from the outside?

Yes you could use a VPN but a quick and dirty, temporary and secure way is to use SSH's Reverse Tunneling Proxy feature.

Requirements

On the remote ssh server host you need the GatewayPorts option enabled in sshd_config (be sure to restart sshd after making the change)

Your sshd_config needs this:

GatewayPorts yes
 

On the client / machine that is behind the firewall run the SSH command

ssh -R 33000:localhost:3389 username@remoteip

33000 means when we connect to remoteip:33000 we will be connected to port 3389 o the localhost.

Now we can change the localhost to another IP on our LAN if we wanted to.

Now if we connected to remote ip's 3389 we could connect to RDP even though the machine is firewall'd (this works even if all ports are closed and nothing is forwarded to your machine since the ssh -R reverse proxy command is what handles our inbound connections through the remoteip).


Tags:

ssh, proxy, enable, lan, firewallso, nat, travelling, server, vpn, tunneling, feature, requirements, gatewayports, enabled, sshd_config, restart, sshd, firewall, localhost, username, remoteip, ip, rdp, ports, forwarded, handles, inbound, connections,

Latest Articles

  • Linux qemu-kvm How To Enable Soundcard in Guestl
  • QEMU-KVM Windows and Server Guest Installs Mouse Tracking Pointer Location Solution
  • SSH Keep Alive To stop Disconnections
  • Linux How To Disable SATA NCQ For Better Performance
  • the sign-in method you're trying to use isn't allowed. For more info, contact your network administrator - solution for active directory
  • gsmartcontrol for Windows to Check the SMART S.M.A.R.T status
  • WebRTC Vulnerability Shows Local IP Address Even When Using a Proxy or VPN Firefox Fix And Disable Solution
  • chroot in Linux Howto Simple and Easy Guide
  • qemu-kvm qemu-system Image format was not specified for '/mnt/space/cucm12.img' and probing guessed raw. Automatically detecting the format is dangerous for raw images, write operations on block 0 will be restricted. Specify the 'ra
  • Linux Over VNC VMWare How To Switch Virtual Terminals Console Without Using Ctrl+Alt+F1
  • Skype For Business 2015 and 2019 Guide, Reference, Howto and Troubleshooting Solutions
  • Centos 6 or 7 no DHCP IP during startup on first boot or reboot solution
  • Debian / Mint / Ubuntu net-tools packages provides netstat, ifconfig, route, arp and other classic network admin tools
  • Linux Mint XWindows Ubuntu MATE or Cinnamon How To Restart The GUI / Graphics / Session if it freezes without losing current windows or programs
  • Linux bash prompt why does it not show username@host and the current directory?
  • Microsoft SQL Server Check What Version is Running
  • How to install and setup LXC Containers (OpenVZ alternative) on Centos 6 / 7
  • Cisco CUCM Unified Communication Manager Howto Guide and Tutorials
  • SSH persistent and automatic login script for proxy
  • SSH proxy/command in the background or from cron script