Let's think about a network that is protected by a firewall, where the firewall allows only specific ports and one of them is SSH.
Today at work, I had to access one of our branch campuses with RDP, and I could not add a NAT rule because of our network change policy.
[Figure: Sample Network Map]
In this scenario I could not make a change on the firewall, so I used my internal SSH server as an agent.
I used the SSH port forwarding feature and tunneled my RDP traffic through an SSH tunnel. Basically, my SSH server was connecting to the RDP server, but the firewall was seeing only SSH traffic.
Anyway, to cut a long story short, I used this command on my laptop to tunnel my RDP traffic to the SSH server:
ssh -L 3389:{ip of windows server}:3389 {ip of ssh server} -l {ssh user} -N
Basically, I used this command: ssh -L 3389:10.0.0.10:3389 10.0.0.5 -l root -N. After that I opened my RDP client and tried to connect to 127.0.0.1:3389.
This command made my laptop listen on TCP port 3389 and forward to my SSH server, and my SSH server forwarded all of that traffic on to the RDP server.
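Because the firewall sees only SSH, the SSH server is the one place where this tunnel can be limited to the single RDP target. The script below is an added example, not part of the original post: it audits forwarding-related settings in `sshd -T` style output, assuming an OpenSSH server; the function names and both sample configurations are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit forwarding-related settings from `sshd -T` style output.
# Input on stdin: lowercase "keyword value" lines. $1 is the single host:port
# the SSH server is meant to reach (10.0.0.10:3389 in the post).
audit_forwarding() {
    awk -v want="$1" '
        $1 == "allowtcpforwarding" { fwd = $2; next }
        $1 == "gatewayports"       { gw = $2; next }
        $1 == "permitrootlogin"    { root = $2; next }
        $1 == "permitopen"         { sub(/^permitopen +/, ""); po = $0; next }
        END {
            if (root == "yes")
                print "WARN permitrootlogin=yes: tunnel account can be root"
            if (fwd == "no") { print "OK forwarding disabled"; exit }
            if (fwd != "local")
                print "WARN allowtcpforwarding=" fwd ": set to local if only -L tunnels are needed"
            if (gw != "" && gw != "no")
                print "WARN gatewayports=" gw ": remote forwards may bind non-loopback addresses"
            if (po == "" || po == "any")
                print "WARN permitopen=any: tunnels can reach any host:port"
            else if (po != want)
                print "WARN permitopen=" po ": expected only " want
            else
                print "OK permitopen limited to " want
        }'
}

# Constructed sample: settings that let the tunnel in the post reach anything.
sample_permissive() {
    cat <<'EOF'
permitrootlogin yes
allowtcpforwarding yes
gatewayports no
permitopen any
EOF
}

# Constructed sample: forwarding pinned to the one RDP server from the post.
sample_restricted() {
    cat <<'EOF'
permitrootlogin no
allowtcpforwarding local
gatewayports no
permitopen 10.0.0.10:3389
EOF
}

sample_permissive | audit_forwarding 10.0.0.10:3389
sample_restricted | audit_forwarding 10.0.0.10:3389
```

On the SSH server itself, the same function can read the live configuration with `sshd -T | audit_forwarding 10.0.0.10:3389`, run as root.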