SSH tunnel between three machines

4

I encountered a scenario: A can access B via SSH (B can't access A, because of NAT), A can access C via SSH (C can't access A, because of NAT), and B and C can't access each other; they are in different networks.

A->B, A->C, C->B? My question is: how do I set up the tunnel or command to let C access B?

user1629310

Posted 2012-08-30T04:24:04.840

Reputation: 41

Answers

4

To make an ssh tunnel from B to C, run these commands on host A:

ssh -n -R 3300:localhost:3300 B sleep 999999999 &
ssh -n -L 3300:localhost:22 C sleep 999999999 &

replacing B and C with the appropriate hostnames.

Now on B you can

ssh -p 3300 localhost

and connect to host C. When you want to tear down the tunnel, on host A bring the ssh commands out of the background and type Ctrl-C.

Kyle Jones

Posted 2012-08-30T04:24:04.840

Reputation: 5 706
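
A variant of the two commands in the answer above, written here as an added example (it is not part of the original post). It replaces the backgrounded `sleep` with `-f -N`, gives each leg a control socket so it can be closed by name, and asks for loopback-only listeners. B and C stand for the real hostnames; the function names, the socket paths and the `SSH` override variable are assumptions of this example.

```shell
#!/bin/sh
# Added example, run on host A. Resulting path:
#   B 127.0.0.1:PORT -> A 127.0.0.1:PORT -> C 127.0.0.1:22
PORT=${PORT:-3300}
SOCK_DIR=${SOCK_DIR:-$HOME/.ssh}   # assumed location for the control sockets
SSH=${SSH:-ssh}                    # override to dry-run (hypothetical hook)

# leg <name> <-L|-R> <forward-spec> <host>
#   -f -N                 background after authentication, no remote command
#   -M -S                 control socket, so the leg can be closed by name
#   ExitOnForwardFailure  exit rather than stay connected without the forward
leg() {
    $SSH -f -N -M -S "$SOCK_DIR/relay-$1.sock" \
        -o ExitOnForwardFailure=yes -o ServerAliveInterval=30 \
        "$2" "$3" "$4"
}

close_leg() {   # close_leg <name> <host>
    $SSH -S "$SOCK_DIR/relay-$1.sock" -O exit "$2"
}

relay_up() {    # relay_up <B> <C>
    # A->C first, so the listener on B never points at a closed port on A.
    leg c -L "127.0.0.1:$PORT:127.0.0.1:22" "$2" || return 1
    # Both listeners request loopback, keeping the tunnel off other interfaces.
    if ! leg b -R "127.0.0.1:$PORT:127.0.0.1:$PORT" "$1"; then
        close_leg c "$2"    # do not leave a half-built relay behind
        return 1
    fi
}

relay_down() {  # relay_down <B> <C>
    rc=0
    close_leg b "$1" || rc=1
    close_leg c "$2" || rc=1
    return $rc
}

case "${1:-}" in
    up)   relay_up "$2" "$3" ;;
    down) relay_down "$2" "$3" ;;
esac
```

On B, `ssh -p 3300 -o HostKeyAlias=C localhost` records C's host key under its own name instead of under `localhost`. The loopback bind on B is only a request: an sshd on B configured with `GatewayPorts yes` binds remote forwards to the wildcard address regardless.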

1

A closely related variation on this question is the case where neither B nor C can be accessed, but both can access A. The goal is to allow C to access B.

i.e. B -> A, C -> A, C -> B?

From B

ssh -n A -R 9007:localhost:22 sleep 999999999 &

From C

ssh -n A -L 9008:localhost:9007 sleep 999999999 &

From C

ssh -p 9008 localhost

jimmi

Posted 2012-08-30T04:24:04.840

Reputation: 11

-3

It sounds like you need to look into "port forwarding" or possibly even allowing DMZ. That way, whatever your public IP happens to be is all anyone outside of your LAN has to know. That and whatever port number your VPN server/clients connect on. (I assume you're trying to use PPTP "tunneling" with a VPN and aren't trying to run a web server or something.)

Otherwise, if this is all on the same LAN then it may be that you have a firewall issue (my first suspicion), DNS problems, or maybe even DHCP issues. It could more exotically be a failing switch too. But I seriously doubt you have NAT (Network Address Translation) issues within your own LAN.

Bubba

Posted 2012-08-30T04:24:04.840

Reputation: 22

1-1: The question isn't about NAT traversal, it's about SSH tunneling over a described NAT environment. – NReilingh – 2012-08-30T05:44:40.747