Monday, September 17, 2012

Tunnel into secure network (SSH TUNNEL)

This post will be a note to future Ali :)

Let's think about a network that is protected by a firewall, where the firewall allows only specific ports and one of them is SSH.

Today at work, I had to access one of our branch campuses with RDP, and I could not add a NAT rule because of our change policy on the network.

Sample Network Map

In this scenario I could not make changes on the firewall, so I used my internal SSH server as an agent.

I used the SSH port forwarding feature and tunneled my RDP traffic through an SSH tunnel. Basically, my SSH server was connecting to the RDP server, but the firewall was seeing only SSH traffic.

Anyway, to cut a long story short, I used this command on my laptop to tunnel my RDP traffic to the SSH server:

ssh -L 3389:{ip of windows server}:3389 {ip of ssh server} -l {ssh user} -N

Basically, I used this command: ssh -L 3389: -l root -N. After that, I opened my RDP client and tried to connect.

This command made my laptop listen on TCP port 3389 and forward to my SSH server, and my SSH server was forwarding all the traffic as well.
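
Whether the SSH server will act as a forwarding agent like this is decided by its own sshd_config (AllowTcpForwarding and PermitOpen). The script below is an added example, not part of the original post: it reads the global section of an sshd_config and reports whether an `ssh -L` forward to a given host:port would be permitted. The function name, file contents and 192.0.2.x addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example: would this sshd_config permit "ssh -L" to reach <host:port>?
# Assumptions: only the global section is read (parsing stops at the first
# Match block), Include files are not followed, "Keyword value" form only.

forward_allowed() {    # usage: forward_allowed <sshd_config> <host:port>
    awk -v dest="$2" '
        BEGIN { fwd = "yes"; permit = "any" }    # sshd defaults
        /^[ \t]*#/ || NF == 0 { next }           # skip comments and blank lines
        { key = tolower($1) }
        key == "match" { exit }                  # end of global section
        # sshd keeps the first value it obtains for each keyword
        key == "allowtcpforwarding" && !seen_fwd++ { fwd = tolower($2) }
        key == "permitopen" && !seen_open++ {
            permit = ""
            for (i = 2; i <= NF; i++) permit = permit " " tolower($i)
        }
        END {
            # -L needs local forwarding enabled: yes, all or local
            if (fwd != "yes" && fwd != "all" && fwd != "local") { print "deny"; exit }
            n = split(permit, list, " ")
            for (i = 1; i <= n; i++)
                if (list[i] == "any" || list[i] == tolower(dest)) { print "allow"; exit }
            print "deny"
        }
    ' "$1"
}

# Constructed sample configs (documentation addresses, not from the post)
cfg_default=$(mktemp); cfg_pinned=$(mktemp)
printf '%s\n' 'Port 22' 'PasswordAuthentication no' > "$cfg_default"
printf '%s\n' 'AllowTcpForwarding local' 'PermitOpen 192.0.2.10:3389' > "$cfg_pinned"

echo "defaults, RDP host:  $(forward_allowed "$cfg_default" 192.0.2.10:3389)"
echo "pinned,   RDP host:  $(forward_allowed "$cfg_pinned" 192.0.2.10:3389)"
echo "pinned,   other host: $(forward_allowed "$cfg_pinned" 192.0.2.20:3389)"
rm -f "$cfg_default" "$cfg_pinned"
```

With stock defaults every destination is allowed; pinning PermitOpen limits the server to the one RDP host it is meant to reach.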
