How to configure port forwarding with SSH

Besides using SSH to connect to (Linux) servers or network equipment you can also use it to tunnel traffic. In a way it works the same as a VPN as you can reach all hosts behind the SSH server. Besides being able to reach hosts behind the SSH server our traffic is also secure because it will be encrypted by SSH. Let me show you a picture to explain this:

ssh tunnel

Above you see a SSH client on the left side. This computer is on our LAN and has IP address 192.168.1.1. The most popular SSH client for Windows is putty and you can download it for free. If you are using Linux or a Mac you will be able to use SSH from the command-line. On the right side we have a SSH server with public IP address 1.2.3.4. In my picture this is a router but you can run SSH server on many devices including Windows, Linux, Mac, routers but also storage devices from Synology or Qnap. On the right side there’s also a webserver with IP address 192.168.2.1.

Using SSH we can connect to the router but perhaps you didn’t know it’s also possible to reach the webserver through the SSH tunnel! Let me show you how to do this with putty:

Putty Start Screen

First I will type in the IP address of the SSH server but before we click on “open” we’ll configure SSH tunneling. Take a look at the screenshot below:

putty ssh port forward

Click on “connection” to expand it and select “SSH”. Finally select “Tunnels” to configure SSH port forwarding. I want to reach the web server so the destination will be IP address 192.168.2.1 and port 80. You can pick any source port that you like. I chose number 5000. Click on the “Add” button and it will look like this:

putty forwarded ports

It will show you which ports will be forwarded. Now hit the “Open” button and type in your username and password that you normally use. You will see the normal SSH login screen but on the background our port will be forwarded. Let’s open a webbrowser and connect to the webserver:

ssh forwarded web traffic

I’ll type in “localhost” which refers to my local computer and port number 5000 which is the source port that I chose for the port forwarding in putty. As you can see it connects to the webserver! Whenever you connect to localhost port 5000 it will be forwarded to IP address 192.168.2.1 port 80.

The cool thing about SSH is that you only need to open 1 single port and by tunneling traffic like this you are able to reach any device behind the SSH server. Everything that it sent through this SSH tunnel is safe because it’s encrypted.

If you are using Linux or MAC you don’t have to use putty but you can use the command-line which is a lot easier:

sudo ssh -L 5000:192.168.2.1:80 1.2.3.4

The line above is the same as the configuration that I showed you in Putty. We will connect our local port 5000 to the remote web server (192.168.2.1 port 80) and we’ll connect to SSH server 1.2.3.4.

That’s all I wanted to show you! If you enjoyed this lesson please leave a comment or share it with your friends!

Tags: , , ,


Forum Replies

  1. Rene:
    Thanks for the Linux CLI cmd. I have just started relearning Linux and that really helps. Have started building some small ASA labs, from your list plus some more. Have Kali Linux in VBox. Am planning to add a couple of Linux servers to the labs and then attacking them; but its very slow going at this point. Again, thanks.

    Mikeb

Ask a question or join the discussion by visiting our Community Forum