Apr 06, 2017 In this procedure, we will use Internet Explorer, Firefox and an RDP connection to demonstrate the use of a tunnel with an SSH connection, as well as configuring the tunnel with several other protocol types. Local Port Forwarding. Step 1 – Load the Session. In your PuTTY configuration, configure the Host Name and Port of your remote SSH.

We often receive questions about our SSH Tunnel entry. What does it do exactly? When do you need it? What does it eat in winter? How do you actually set it up? Let’s take a deeper look at it!

SSH tunneling is used to create a secure connection between a local and a remote computer, by going through another device that relays a specific service. Some people call this device a Jump or server. It’s basically an encrypted tunnel created through an SSH protocol connection. The SSH Tunnel can be used to establish a form of a virtual private network (VPN), and since the connection is encrypted, it can be useful for transferring unencrypted traffic over a network through an encrypted channel.

For example, we can use an SSH Tunnel to securely transfer files between a FTP server and a client even though the FTP protocol itself is not encrypted. It could also be useful when connecting a client through an SSH server protected by a firewall. SSH tunnels also provide a means to bypass firewalls that prohibit or filter certain internet services.

There are three ways to create an SSH tunnel:

Local port forwarding: The connections from the SSH client are forwarded via the SSH server, then to a destination server. Local port forwarding lets you connect from your local computer to another server. For example, you could use the local port forwarding to bypass a company firewall to connect to your client. It is the most used type of port forwarding.

Remote port forwarding: The connections from the SSH server are forwarded via the SSH client, then to a destination server. Remote port forwarding lets you connect from the remote SSH server to another server. For example, you could connect from your SSH server to a computer on your company's intranet. It is a less common type of port forwarding.

Dynamic port forwarding: The connections from various programs are forwarded via the SSH client, then via the SSH server, and finally to several destination servers. Each program that uses the proxy server needs to be configured specifically, and reconfigured when you stop using the proxy server. For example, dynamic port forwarding lets you bypass a company firewall that blocks web access altogether. It is rarely used as it is very time consuming to set up.

Settings

We will showcase the local port forwarding mode as it is the most commonly used by far.

To create an SSH tunnel, a given port of your local machine needs to be forwarded to a port on a remote machine, which will be the other end of the tunnel. This is the job of the SSH Server. Once the SSH tunnel has been established, the user simply connects to the local end of the tunnel in order to access the remote host transparently.

This might sound more complicated than it is — so let’s look at a concrete example of how to set up an SSH Tunnel. Let’s say you’re the IT technician at your office and need to connect to a client through an SSH server to perform work using RDP, but (there is always a but) it is protected by a company firewall. You need to get through the firewall in order to perform your work. The solution is to create an SSH Tunnel in Remote Desktop Manager to carry the RDP communication.

Start by creating an SSH Tunnel entry in Remote Desktop Manager.

In the SSH Server Settings, enter the following information:

Host: Enter your SSH Server host or IP address (please refer to (3) in the SSH Tunnel diagram).Port: Enter your SSH Server port (please refer to (4) in the SSH Tunnel diagram).Username: Enter your SSH Server username to connect.Password: Enter your SSH Server password to connect.

In the Outgoing Tunnel Settings, enter the following information:

Local address: 127.0.0.1 (please refer to (1) in the SSH Tunnel diagram).Local port: Use any unused port that you prefer, but RFC6335 states that the Private Port range is from 49152 to 65535 (please refer to (2) in the SSH Tunnel diagram).Remote host: Enter the host or IP address of your remote host (please refer to (5) in the SSH Tunnel diagram).Remote port: Specify the appropriate port for the chosen protocol. For instance, RDP’s default port is 3389 (please refer to (6) in the SSH Tunnel diagram).

Then create your remote session (in this example we will use an RDP session).

In the VPN tab of your session, in Open, select Always connect; in Type, select Session.

And finally, in the Settings tab of your VPN, simply select your newly created SSH Port entry.

You have now configured your session with the following rule: for each connection that comes on interface 127.0.0.1 and port 49152, forward that connection to the SSH server and request the server to forward that connection to your Remote Host.

Microsoft Remote Desktop Mac Ssh Tunnel Socks For Men

You can now launch your RDP session and your SSH Tunnel will automatically open, establish the connection, and then launch and open your RDP session.

One little side note: if you experience an error when launching your RDP session, adjust the After Execute Wait delay in the VPN/SSH/Gateway tab, which is located in the advanced properties of the session. As some servers are slower than others, the delay may be too short, in which case the session would get launched before the SSH server has had time to properly connect.

We truly hope that we’ve helped demystify the SSH Tunnel for you and, in doing so, made your day a little bit better!

Most of you have probably used a tunnel with an SSH connection. What you probably weren’t aware of is that you can use a dynamic tunnel to access all remote infrastructure. Furthermore, you can specify a port and a destination IP to have direct access. This process is achieved through your PuTTY configuration.

In this procedure, we will use Internet Explorer, Firefox and an RDP connection to demonstrate the use of a tunnel with an SSH connection, as well as configuring the tunnel with several other protocol types.

Local Port Forwarding

Step 1 – Load the Session

In your PuTTY configuration, configure the Host Name and Port of your remote SSH computer­. Enter your Saved Sessions name, and click Save. If your session already exists, Load it as shown below:

Step 2 – Configure PuTTY for RDP

In the Tunnels section in PuTTY, configure a specific Local port, such as 50001, that will redirect to 3389 of your destination server.

In the Source Port field, enter the local port that will be redirected.In the Destination field, enter the IP address as well as the destination port.Select Local and Auto to activate IPv4 and IPv6.

Here is an example from my local machine I would like to go to 172.128.123.10, server port 3389.

Please note that you may configure your ports for multiple servers simultaneously. Configuring a specific Local port such as 50002 will redirect to 80 of your destination server. Doing so will allow you to configure PuTTY to your web browser.

Once the configuration setup is complete, open an RDP connection and enter your local IP (127.0.0.1), along with the local port configuration in PuTTY.

As illustrated above, if I enter 127.0.0.1:50001, my connection will translate to the server 172.128.123.10:3389.

If I enter 127.0.0.1:50003, my connection will translate to the server 172.128.123.11:3389.

Step 3 – Configure the SSH Tunnel

In the Category menu, drill down to Connection --> SSH --> Tunnels. There are several ways to configure a Tunnel. We shall proceed with a browser tunnel configuration.

Advanced Scenario (Dynamic Port Forwarding)

Step 4 – Configure PuTTY for a Web Browser Tunnel.

At the Tunnels page, configure a Dynamic port between the ranges of 49152-65535. For additional information, refer to https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers 49152–65535.

Step 5 – Configure Your Software

Further information for Internet Explorer, Chrome or Edge can be seen in Step 5.1. For Firefox, refer to Step 5.2, and for RDP usage, refer to Step 2.

Step 5.1 – Configure Internet Explorer to Pass Through an SSH Tunnel

Microsoft Remote Desktop Mac Ssh Tunnel Socks For Women

As previously noted, configuring a tunnel through Internet Explorer will affect Google Chrome and Microsoft Edge.

Click on Internet options by navigating through your Control Panel in your Internet Explorer browser.

Select the Connections tab and click on LAN settings.

Check the Use a proxy server for your LAN box, and click Advanced.

Enter 127.0.0.1 of the host IP in the Socks field, with the configured Port of 4567, and click OK.

You should see a grey Address bar. If your remote segment IP differs from internal segment, please check the Bypass proxy server for local addresses box.

Once complete, you will be able to access Internet Explorer, Edge or Chrome to navigate onto an IIS server by entering the IP in your navigator. You may open a browser tab and visit http://172.128.123.10 in this example. Doing so will allow you to view the service from the Destination server.

Your configuration should look like the following figure.

Step 5.2 - Configure your Firefox Browser

In your Firefox browser, click on the Menu button in the top-right corner of the screen, and select Options. Then, navigate to the Advanced tab.

Microsoft Remote Desktop

Within the Advanced tab, select the Network tab and click on Settings in the Connection section.

Remote Desktop Mac

Once complete, you will be able to access Internet Explorer, Edge or Chrome to navigate onto an IIS server, by entering the IP in your navigator. You may open a browser tab and visit http://172.128.123.10 in this example. Doing so will allow you to view the service from the Destination server.