Forwarding internet access to a remote machine

0

0

Unlike Forwarding Internet connection via SSH to a Linux console , my REMOTE machine is not behind a firewall.

REMOTE (192.168.12.34)

  • A machine that's connected locally only to the SERVER and a couple of machines within the same switch in the 192.168.. IP range.

SERVER (10.0.0.1 and 192.168.12.1)

  • A server that is connected to an internal network shared with my LAPTOP and other machines (in the 10.0.. IP range)
  • The server is also connected to a local switch that's not on the internal network but that allows connection to REMOTE (in the 192.168.. IP range)
  • Has connection to the internet.

LAPTOP (10.0.98.76)

  • My machine that can access SERVER through an internal network shared with SERVER and other machines but not REMOTE
  • Has connection to the internet.

To access the REMOTE from the LAPTOP, I usually do two hops, first to SERVER then to REMOTE

$ ssh 10.0.0.1
$ ssh 192.168.12.34

My question is how to forward all connections to and from REMOTE to the internet through SERVER?

I've no physical access and no GUI to both SERVER and REMOTE, so I can only do it through LAPTOP and command line.

alvas

Posted 2019-07-12T06:06:00.130

Reputation: 95

This doesn't seem different to the other question. You want REMOTE to be able to access the internet via SERVER. That is what the other question does, it is just a different perspective. LAPTOP is just the tool to log into them to set it up. – Paul – 2019-07-12T06:09:51.033

In that case, I would just directly use 8080 port to forward the internet access? Is there a way to just allow all ports' traffic to be forwarded from REMOTE to SERVER? – alvas – 2019-07-12T07:03:01.453

There are two examples in that question, once uses SOCKS which needs apps that support the socks protocol, and you can choose whatever port you like. The other uses sshuttle, which effectively sets up a VPN between the two hosts over ssh. This second option is the one you probably want. – Paul – 2019-07-16T06:55:09.953

@alvas: Could you explain why the solution in the given link doesn't work for you? – harrymc – 2019-07-29T06:09:55.663

Answers

2

You can use ssh and the sshd on the server to create a Socks proxy on your laptop:

ssh -N -R 9090:laptop:9090 -D 1080 10.0.0.1

This will not use a command or shell on the server (by -N).

localhost port 1080 is what you then configure on your laptop, most operating systems can work with old Socks.

Port 9090 is the golden pathway to your laptop.

Server is likely configured to deny this because you can tunnel all your tcp!

bbaassssiiee

Posted 2019-07-12T06:06:00.130

Reputation: 1 225

0

Just like you ssh twice, you could try to chain sshuttle twice.

HackSlash

Posted 2019-07-12T06:06:00.130

Reputation: 3 174

Asked: 2019-07-12T06:06:00.130

Viewed: 103 times

Active: 2019-08-03T21:08:36.060