Access company intranet (http/https) using SSH (AllowTcpForwarding might be set to "no")

0

How can I access web services inside my company's LAN from the outside? I can SSH in to a machine that's inside the LAN.

I tried to use Putty to set up dynamic port forwarding and configured Firefox to use localhost as a SOCKS proxy, but that didn't seem to work. I can't access any page at all with this proxy configuration in Firefox.

Can it be that AllowTcpForwarding is set to no? How do I check?

Can it be anything else?

I want to be able to connect to several different web sites/services inside the LAN, both using http and https and running on port 80, 433, as well as other ports. I do not have root access to any machine inside the LAN.

So, how can I access web services inside my company's LAN?

EDIT:

$ cat /proc/sys/net/ipv4/conf/ppp0/forwarding
cat: /proc/sys/net/ipv4/conf/ppp0/forwarding: No such file or directory
$ cat /proc/sys/net/ipv4/conf/eth0/forwarding
0

So I guess that means AllowTcpForwarding is "no".

EDIT 2:

Lynx isn't installed, but I guess I could compile it and install it to ~/bin/, but I'm affraid that wouldn't help. One of the services I need to access is a fancy drag-and-drop web page, so I need to be able to use a modern graphical browser to access it.

EDIT 3:

So it looks like the SOCKS proxy I set up with Putty does work. But only for some URLs. We have a .pac file for automatic proxy configuration at work. The sites that I can access without the proxy config at work I can also access through my SOCKS proxy.

So to get everything working through my SOCKS proxy it seems like I need to incorporate the rules from the .pac file somehow. Anyone have any idea how to do that?

Tobbe

Posted 2013-04-19T11:25:51.270

Reputation: 339

This should be proposed to your IT department. Trying to bypass security does not bode well for future employment. – VBwhatnow – 2013-04-20T10:21:57.357

I'm not doing this to "bypass security". I'm merely trying to work more efficiently. – Tobbe – 2013-04-22T05:39:27.693

Answers

1

The easiest way is using simple port forwarding. In putty, head to the Connection->SSH->Tunnels category and enter:

  • a local port of your choosing in the Source port field
  • the host+port of your internal web service in the destination field
  • press Add

Here is an example:

enter image description here

After connecting, you can enter http://localhost:8081/ in your web browser and it will show you the web site which is hosted in your company LAN at the address http://192.168.1.17:80.

You will have to repeat the process for every web service you want to access, giving out new port numbers, e.g. you could access a second HTTPS service using Source port 8082 and Destination 192.168.1.18:443.

Stefan Seidel

Posted 2013-04-19T11:25:51.270

Reputation: 8 812

While I won't use this solution, it did get me thinking! Thank you. See my edit of my question for the full story :) – Tobbe – 2013-04-22T09:15:58.147

-1

you could use lynx. won't give you fancy graphics but will "access web services inside your company's LAN" on both 80 and 443, of course it has to be installed...

sdjuan

Posted 2013-04-19T11:25:51.270

Reputation: 271

I need to use a modern graphical web browser – Tobbe – 2013-04-20T07:15:17.860

Asked: 2013-04-19T11:25:51.270

Viewed: 1 384 times

Active: 2013-04-22T09:21:04.947