How I connect to my Linux box through a corporate firewall.
Written by Luke MacNeil   
Friday, 27 April 2007
I, like most, work for a company that filters certain network traffic, preventing me from easily accessing my boxes at home. But using this method, I am able to control my servers through both ssh and vnc.

Most companies block ssh traffic for obvious reasons. But I like the availability of my boxes from wherever I may be sitting. To allow this functionality I had to sneak around a few things.

First, since the firewall blocks port 22, I had to change the port on my ssh server to listen elsewhere. I decided on port 443, because that port is widely open for https traffic, so I can sneak my ssh traffic through it without raising too many red flags. After configuring my server to listen on port 443, I am immediately able to ssh into the box, as long as I change the default port in my ssh client, PuTTY, to 443. SSH is great and all, but there are some tasks that require the use of a GUI, like my money management software. I like to balance my checkbook every time I think of it, so to do that, I need to open up an X session...

I do this using VNC. Obviously, since I'm behind the firewall, I can't just connect to VNC through the default port; I have to do a little configuration. It is possible to pipe VNC traffic through an SSH tunnel, which is exactly what I do. In the PuTTY client, I set up a profile like this:

Basic: 
hostname: myhostname 
port: 443

Proxy: 
proxy: corporateproxy 
port: corporateproxyport 

Connections-SSH-Tunnels: 
Source Port: 5901 
Destination: localhost:5901 
Local 

Using these settings, I open an ssh tunnel to my server, and once that's open, I can connect to my VNC server by using localhost:1. Be careful poking around your company's network though; if they find out, that sort of thing really pisses people off.
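
From the defender's side, ssh moved to port 443 as described above is visible to a proxy or network sensor that looks at the first bytes carried on the connection: SSH opens with a plaintext identification string (RFC 4253), not a TLS handshake record. The following is an added example, not part of the original post; the flow record fields (`id`, `dst_port`, `client_first`, `server_first`) and the sample payloads are constructed assumptions.

```python
"""Flag flows to TCP/443 whose first payload bytes are not a TLS handshake."""

SSH_PREFIX = b"SSH-"       # RFC 4253 identification string: "SSH-2.0-<software>"
TLS_HANDSHAKE = 0x16       # TLS record content type for handshake messages
TLS_MAX_RECORD = 2 ** 14   # maximum plaintext record length


def classify_first_bytes(payload: bytes) -> str:
    """Classify the first bytes one side sent: 'ssh', 'tls', 'empty' or 'other'."""
    if not payload:
        return "empty"
    if payload.startswith(SSH_PREFIX):
        return "ssh"
    # TLS record header: content type (1), version (2, major is 3), length (2).
    if len(payload) >= 5 and payload[0] == TLS_HANDSHAKE and payload[1] == 0x03:
        length = int.from_bytes(payload[3:5], "big")
        if 0 < length <= TLS_MAX_RECORD:
            return "tls"
    return "other"


def flag_non_tls_on_443(flows):
    """Return (flow id, reason) for every port-443 flow that is not TLS."""
    findings = []
    for flow in flows:
        if flow["dst_port"] != 443:
            continue
        client = classify_first_bytes(flow["client_first"])
        server = classify_first_bytes(flow["server_first"])
        if "ssh" in (client, server):
            findings.append((flow["id"], "ssh identification string on 443"))
        elif client != "tls":
            findings.append((flow["id"], "no TLS handshake on 443"))
    return findings


# Constructed sample flows (hypothetical field names, not captured traffic).
SAMPLE_FLOWS = [
    {"id": "f1", "dst_port": 443, "client_first": b"\x16\x03\x01\x00\x05hello",
     "server_first": b"\x16\x03\x03\x00\x04data"},
    {"id": "f2", "dst_port": 443, "client_first": b"SSH-2.0-PuTTY_Release_0.60\r\n",
     "server_first": b"SSH-2.0-OpenSSH_4.3\r\n"},
    {"id": "f3", "dst_port": 443, "client_first": b"",
     "server_first": b"SSH-2.0-OpenSSH_4.3\r\n"},
    {"id": "f4", "dst_port": 22, "client_first": b"SSH-2.0-OpenSSH_4.3\r\n",
     "server_first": b"SSH-2.0-OpenSSH_4.3\r\n"},
    {"id": "f5", "dst_port": 443, "client_first": b"GET / HTTP/1.1\r\n", "server_first": b""},
]

if __name__ == "__main__":
    for flow_id, reason in flag_non_tls_on_443(SAMPLE_FLOWS):
        print(flow_id, reason)
```

When the connection goes through an HTTP proxy, the payloads to classify are the first bytes relayed after the proxy answers the `CONNECT` request.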

Comments
Thanks man
nowinter (192.118.35.xxx) 2007-11-27 14:55:03

It's too simple to be properly described anywhere :) so you did well to post
it. After all, the tricky part for me was the Source port (which is the port
your viewer would connect to locally) and the destination port which is your
SERVER's port to listen on, and when it comes after localhost: , it's confusing.
I got through very many pages trying to get this, and finally I got it here.
Thanks!