Tuesday, 14 March 2017

Tunneling with Local Port Forwarding

This diagram illustrates that our localhost is blocked from connecting to the Target Server (say, the Sharp Server) by a proxy filter in our corporate network.

We need a gateway server that accepts requests from the localhost, fetches the data and tunnels it back. The gateway server must itself have access to the Target Server to perform the tunneling.
For example, the some.server.com (say pvvault301p.dev.ch3.com) server already has access to the Target Server, so it can act as a gateway for connecting to the Target Server from the localhost.

To create the SSH tunnel, do the following from the localhost.

1. First load the gateway server, which has access to the Target Server, in PuTTY.

2. Select the Tunnels option from the Category tree and add the binding port of localhost (this can be some arbitrary value) together with the remote host IP and port (the Sharp Server IP and active ports).

The ‘L’ switch indicates that a local port forward needs to be created. The switch syntax is as follows.
-L <local-port-to-listen>:<remote-host>:<remote-port>

Refer to the diagram below.

Now the SSH client on localhost connects to the SSH server running at some.server.com (usually on port 22) and binds port 4444 of localhost to listen for local requests, creating an SSH tunnel between localhost and some.server.com. At the some.server.com end, a connection is made to the Target Server on port 17030. So localhost doesn’t need to know how to connect to the Target Server; only some.server.com needs to worry about that. The channel between localhost and some.server.com will be encrypted, while the connection between some.server.com and the Target Server will be unencrypted.
It is now possible to reach the Target Server through localhost:4444 on the localhost computer. The some.server.com computer acts as a gateway that accepts requests from the localhost machine, fetches the data and tunnels it back.

3. Then click Open, enter the login credentials and keep the session open.

Now the gateway server is ready to connect the localhost to the Target Server.
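As an added example (not part of the original post), the Python sketch below parses a forward specification in the -L syntax shown above and reports which interface the local listener binds to, since a forward bound to all interfaces lets other machines on the network use the tunnel. It extends the post's three-field form with the optional bind address and bracketed IPv6 literals that OpenSSH accepts; the function name, the host name sharp-server.example and the IPv6 address are assumptions made for illustration.

```python
import ipaddress
import re

# OpenSSH form: [bind_address:]port:host:hostport (IPv6 literals in brackets)
_FIELD = r"(\[[^\]]*\]|[^:\[\]]*)"
_SPEC = re.compile(rf"^(?:{_FIELD}:)?(\d+):{_FIELD}:(\d+)$")


def _port(text):
    port = int(text)
    if not 1 <= port <= 65535:
        raise ValueError(f"port out of range: {text}")
    return port


def _is_loopback(bind):
    if bind == "localhost":
        return True
    try:
        return ipaddress.ip_address(bind).is_loopback
    except ValueError:
        return False  # some other host name: do not assume it is local-only


def parse_local_forward(spec):
    """Parse an -L argument and classify where the listener binds."""
    m = _SPEC.match(spec)
    if not m:
        raise ValueError(f"not a valid -L spec: {spec!r}")
    bind, lport, host, rport = m.groups()
    host = host.strip("[]")
    if not host:
        raise ValueError("remote host is empty")
    if bind is None:
        # Loopback only, unless GatewayPorts (PuTTY: "Local ports accept
        # connections from other hosts") has been switched on.
        exposure = "default"
    else:
        bind = bind.strip("[]")
        if bind in ("", "*"):
            exposure = "all-interfaces"  # reachable from other machines
        elif _is_loopback(bind):
            exposure = "loopback"
        else:
            exposure = "specific-address"
    return {"bind": bind, "listen_port": _port(lport),
            "remote_host": host, "remote_port": _port(rport),
            "exposure": exposure}
```
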

To test this, replace the hardcoded Target Server details in the code with localhost and the binding port (4444).

The same change can be made in the XML or properties file (for example, sharpserverconfig.xml) if the server details are read from it.

After this, the connection can be made from localhost to the Target Server through the tunnel.

Enjoy Learning.
