SSH Tunnel with remote port forward ....

FelipeF
DD-WRT Novice


Joined: 09 May 2017
Posts: 5

Posted: Thu Jun 13, 2019 21:40    Post subject: SSH Tunnel with remote port forward ....


Hello Everyone …
At my Apartment I have a DD-WRT router [Firmware: DD-WRT v3.0-r37495M kongat (10/28/18)]
On it I have configured SSH and I can connect fine to it from my office computer, and home computer, all ports are closed just the 46439 with a public/private key …
I can connect from office and home to DDWRT SSH server at Apartment and from there to my computer 192.168.69.5, for example with RDP
ssh -L 5555:192.168.69.5:3389 root@C.C.C.C -p 46439 -i private1
Then I RDP from PC2 as localhost:5555 and I connect to PC3
------
What I am looking to do now is …
First connect PC1 to SSH and start listening 4444:PC1:3389 RDP on external IP C.C.C.C:4444
Then at PC2 I want to be able to connect to RDP using external IP C.C.C.C:4444 and it will connect me to the computer PC1 at the office on port 3389 ….
Is it possible?? Does PC2 have to be also connected to the SSH server??
What command, based on my previous command (ssh -L 5555:192.168.69.5:3389 root@C.C.C.C -p 46439 -i private1), should I use???
I have also tried plink on PC1 to start listening, doesn’t work …

https://ibb.co/PWnxzGZ
eibgrad
DD-WRT Guru


Joined: 18 Sep 2010
Posts: 8034

Posted: Thu Jun 13, 2019 22:24
FelipeF wrote:
I can connect from office and home to DDWRT SSH server at Apartment and from there to my computer 192.168.69.5, for example with RDP
ssh -L 5555:192.168.69.5:3389 root@C.C.C.C -p 46439 -i private1


Ok, I get it.

Quote:
Then I RDP from PC2 as localhost:5555 and I connect to PC3


This I don't get.

Quote:
First connect PC1 to SSH and start listening 4444:PC1:3389 RDP on external IP C.C.C.C:4444
Then at PC2 I want to be able to connect to RDP using external IP C.C.C.C:4444 and it will connect me to the computer PC1 at the office on port 3389 ….
Is it possible?? Does PC2 have to be also connected to the SSH server??


Obviously you have to be connected over ssh first. But in the case of the workplace, the firewall is usually the obstacle, so you connect the workplace ssh *client* to your ssh *server* at home, then reverse tunnel back into the workplace. This requires a remote port forward, NOT a local port forward.

Note, this is the kind of thing that can get you FIRED from your workplace! What you're doing is punching a hole in the workplace firewall so you can tunnel back in and thus bypass the firewall, which would normally block such an attempt. If this isn't your own business, I'd make sure to get permission before proceeding!

Now if it's the case your workplace is your own business, and you have the authority to establish a port forward for these purposes, then yes, you can use a local port forward, just like you did at the apartment. I don't see this being any different.

FelipeF
DD-WRT Novice


Joined: 09 May 2017
Posts: 5

Posted: Thu Jun 13, 2019 23:33
Hello eibgrad, don't get me wrong, my purpose here is not to gain access to a workplace network ...

I know it says work on the example and that is all it is ...
At work we already have many technologies in place for remote access to computers ...

I just need to figure out the way to connect from completely different networks to one of my own SSH servers to open a port and start listening, then have my other computers from also different networks somehow reach the port I have open and forwarded and to be hosting on the one external IP all those ports open and automatically forward traffic to the computer with the open ports that are listening ...

I need to just figure out this part to basically host old DirectPlay games for people that can't open the required ports to host games on their routers, I just want to let them connect to my ssh server and then host the game and listen on this port .... so others can connect to just one IP address and in this IP find all the games hosted ....
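
The remote port forward eibgrad refers to, as an added example that is not part of any post in this thread: the opening comment gives the `ssh -R` form of FelipeF's command, and the function checks on the SSH server which forwarded ports are reachable from outside. It assumes a Linux server running OpenSSH or Dropbear with iproute2's `ss` available; `classify_forwards`, `sample_listeners` and port 4445 are made up for the illustration.

```shell
#!/bin/sh
# Added example. Client side (PC1), remote forward of the thread's port 4444:
#   ssh -R 4444:localhost:3389 root@C.C.C.C -p 46439 -i private1
# The server then listens on 4444. Whether that listener is loopback-only or
# public depends on the server (GatewayPorts in OpenSSH's sshd_config).

# classify_forwards SSH_PORT  < output of `ss -tlnp`
# Prints "PORT public" or "PORT loopback" for every listener owned by the SSH
# daemon other than its own login port, one line per port.
classify_forwards() {
    awk -v sshport="$1" '
        $1 == "LISTEN" && $NF ~ /"(sshd|dropbear)"/ {
            addr = $4
            port = addr; sub(/.*:/, "", port)      # text after the last colon
            host = substr(addr, 1, length(addr) - length(port) - 1)
            if (port == sshport) next              # the SSH login port itself
            scope = (host ~ /^(127\.|\[::1\])/) ? "loopback" : "public"
            # a port counts as public if any of its listeners is non-loopback
            if (!(port in seen) || scope == "public") seen[port] = scope
        }
        END { for (p in seen) print p, seen[p] }
    ' | sort -n
}

# Constructed sample in the layout of `ss -tlnp`, not captured from a real host.
sample_listeners() {
cat <<'EOF'
State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0      128    0.0.0.0:46439      0.0.0.0:*         users:(("sshd",pid=812,fd=3))
LISTEN 0      128    127.0.0.1:4444     0.0.0.0:*         users:(("sshd",pid=2001,fd=9))
LISTEN 0      128    [::1]:4444         [::]:*            users:(("sshd",pid=2001,fd=8))
LISTEN 0      128    0.0.0.0:4445       0.0.0.0:*         users:(("sshd",pid=2050,fd=9))
LISTEN 0      128    0.0.0.0:80         0.0.0.0:*         users:(("httpd",pid=640,fd=4))
EOF
}

sample_listeners | classify_forwards 46439
```

A port reported as loopback can only be reached by clients that are themselves logged in to the SSH server; a port reported as public accepts connections from any host that can reach the server's address.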