1
My situation is as follow :
I have a client on a network where only port 80 is open. I'd like to be able to connect to a FTP (port 20 - 21) from this client.
Is there any way to redirect traffic through port 80 to pass the firewall? I was thinking of a proxy or a VPN.
If I use a proxy, is it possible to only active it for requests whose destination is a port different from 80?
If I use a VPN, does PPTP have a chance to work? I read that it uses a different Transport Layer, but I'm not sure on the impact on a firewall.
EDIT :
I have created a C2S port-forwarding rule (port 20/21) with PuTTy's Bitvise Tunnelier, to a third party computer which has these ports open (firewall, PAT).
If I try to connect to my FTP from the client in my secured network, I get these logs :
Filezilla
Status: Resolving address of ape2i.com
Status: Connecting to 5.135.164.135:21...
Error: Connection timed out
Error: Could not connect to server
NppFTP
-> TYPE I
Connecting
-> Quit
Unable to connect
If I try to telnet on port 21 with PuTTY, I get this error
Network error: Connection timed out
FOLLOW UP :
I finally managed to make it work with OpenVPN.
In the "Open" network, I created a NAT/PAT rule to redirect TCP traffic from port 443 inbound to port 1194 outbound on a specific machine. On this machine, I installed my OpenVPN server and configured it to push routes on client to reroute all traffic.
push "redirect-gateway def1 bypass-dhcp"
I also bridged my virtual tunneling interface with my ethernet NIC card and assigned it a static IP address.
In the "Secure" network, I installed OpenVPN client and configured it to connect to the IP/Port of the "Open" network.
Thrax
Posted 2014-11-12T15:45:28.900
Reputation: 113
I've established a SSH Tunnel using Putty's Bitvise Tunnelier. I tried adding a rule C2S (Client to Server) to forward port 20/21 to a third machine (SSH server, ports open). Unfortunately it doesn't seem to do anything (connection between SSH client and server works, a HTTP SOCKSv4 proxy works for HTTP request, but FTP still doesn't work) – Thrax – 2014-11-14T09:30:29.810
Can you specify how FTP fails? Can you logon to the FTP server? Can you telnet on port 21 into the FTP server? – user3767013 – 2014-11-14T19:59:14.543
See updated question – Thrax – 2014-11-17T07:59:05.243
Since you cannot reach port 21, the VPN software is not working as needed. Can you PING the destination IP? – user3767013 – 2014-11-17T08:33:22.480
No I cannot PING the destination from the secured network. I can PING the destination from the third party Computer – Thrax – 2014-11-17T08:39:54.907
Then you need help on the VPN software. First make sure the tunnel is established and you can reach the VPN server, the configure the routing tables on the VPN server so that it can reach the FTP server. At last you may need to configure the FTP server so it sends the answer back to the VPN server. – user3767013 – 2014-11-17T08:46:08.717
Ok, I guess my tunnel is not working as intended. I'll mark this question as resolved, since you pointed me to a solution. Thanks for your help. – Thrax – 2014-11-17T08:58:01.870