Monday, September 17, 2012

Tunnel into secure network (SSH TUNNEL)


This post will be a note to future Ali :)

Let's think about a network which is protected by a firewall, and this firewall allows only specific ports, one of which is SSH.

Today at work, I had to access one of our branch campuses with RDP, and I could not put a NAT rule in place because of our change policy on the network.

Sample Network Map



In this scenario I could not make a change on the firewall, so I used my internal SSH server as an agent.

I used the SSH port forwarding feature and tunneled my RDP traffic into an SSH tunnel. Basically, my SSH server was connecting to the RDP server, but the firewall was seeing only SSH traffic.

Anyway, to cut a long story short, I used this command on my laptop to tunnel my RDP traffic to the SSH server:

ssh -L 3389:{ip of windows server}:3389 {ip of ssh server} -l {ssh user} -N

Basically, I used this command: ssh -L 3389:10.0.0.10:3389 10.0.0.5 -l root -N. After that I opened my RDP client and tried to connect to 127.0.0.1:3389.

This command made my laptop listen on TCP port 3389 and forward to my SSH server, and my SSH server was forwarding all the traffic as well.
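
The server side of the tunnel above can be limited so that the SSH server relays only to the one RDP host. This sshd_config fragment is an added example, not part of the original post; the account name rdptunnel is hypothetical (the post logs in as root), and the addresses are the ones used in the post.

```conf
# /etc/ssh/sshd_config on the SSH server (10.0.0.5 in the post).
# "rdptunnel" is a hypothetical dedicated account used instead of root.

# Global default: nobody gets forwarding of any kind.
AllowTcpForwarding no
AllowAgentForwarding no
X11Forwarding no
PermitTunnel no
GatewayPorts no

# Do not allow direct root logins for tunnelling.
PermitRootLogin no

# Match blocks must come after the global settings.
Match User rdptunnel
    # Permit client-initiated (ssh -L style) forwarding, refuse remote (-R).
    AllowTcpForwarding local
    # The only destination the server will connect to for this account.
    # This also constrains SOCKS (-D) requests, which use the same channel type.
    PermitOpen 10.0.0.10:3389
    # No interactive session: the client connects with -N anyway.
    PermitTTY no
    ForceCommand /bin/false
    # Key-based login only for the tunnel account.
    PasswordAuthentication no

# Matching client command, with the local listener bound to loopback explicitly:
#   ssh -N -L 127.0.0.1:3389:10.0.0.10:3389 -l rdptunnel 10.0.0.5
```

Running sshd -t checks the file for syntax errors before the daemon is reloaded.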
  
