The scenario:

There is a RemoteServer in a large company behind a firewall. You own the MiddleServer, a publicly available SSH server. Last but not least, there is your Workstation, the machine from which you want to control the RemoteServer.

[REMOTE SRV]--[FW]--(INET)--[MIDDLESRV]--(INET)--[WRKSTATION]
 :3389 <--Remote Tunnel-->:12344<--Local Tunnel-->:12333

In other words, this is an RDP-over-SSH tunnel…

On the RemoteServer, start an SSH session to the MiddleServer. Change to the “Tunnels” tab and enter the REMOTE forwarded port:

Forward port 3389 from localhost to port 12344 of the MiddleServer (remote port).

Now start a session from your Workstation to the MiddleServer:

We forward our local port 12333 to the MiddleServer port 12344.

And now fire up the Terminal Server Client (mstsc.exe).

Now you control the RemoteServer without changing any firewall rules…
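Seen from the RemoteServer, an RDP session that arrives through this tunnel is opened by the local SSH client, so Windows records the logon with a loopback source address. The following is an added example, not part of the original post, that picks such logons out of Security event 4624 records; the sample events are constructed, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample records using field names from Windows Security
# event 4624 (successful logon). Illustrative values, not real log data.
SAMPLE_EVENTS = [
    {"EventID": 4624, "LogonType": 10, "TargetUserName": "alice", "IpAddress": "10.20.30.40"},
    {"EventID": 4624, "LogonType": 10, "TargetUserName": "bob", "IpAddress": "127.0.0.1"},
    {"EventID": 4624, "LogonType": 10, "TargetUserName": "carol", "IpAddress": "::1"},
    {"EventID": 4624, "LogonType": 10, "TargetUserName": "dave", "IpAddress": "::ffff:127.0.0.1"},
    {"EventID": 4624, "LogonType": 2, "TargetUserName": "erin", "IpAddress": "-"},
    {"EventID": 4624, "LogonType": 3, "TargetUserName": "svc-backup", "IpAddress": "127.0.0.1"},
    {"EventID": 4625, "LogonType": 10, "TargetUserName": "bob", "IpAddress": "127.0.0.1"},
]

REMOTE_INTERACTIVE = 10  # logon type Windows assigns to RDP sessions


def is_loopback(value):
    """True if value parses as a loopback address (IPv4, IPv6 or IPv4-mapped IPv6)."""
    try:
        addr = ipaddress.ip_address(value.strip())
    except (ValueError, AttributeError):
        return False  # "-", empty or missing field
    # Unwrap ::ffff:a.b.c.d so the IPv4 loopback range is recognised too.
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return addr.is_loopback


def tunneled_rdp_logons(events):
    """Return (user, source) for successful RDP logons whose source is loopback."""
    hits = []
    for ev in events:
        if (ev.get("EventID") == 4624
                and ev.get("LogonType") == REMOTE_INTERACTIVE
                and is_loopback(ev.get("IpAddress"))):
            hits.append((ev.get("TargetUserName"), ev["IpAddress"]))
    return hits


if __name__ == "__main__":
    for user, source in tunneled_rdp_logons(SAMPLE_EVENTS):
        print(f"RDP logon for {user} from loopback address {source}")
```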

One final note: use the “Keep Alive” option in PuTTY, so the idle connection (RemoteServer to MiddleServer) will not be closed.