This post explains how to configure an SSH tunnel.
I am running Veritas Operations Manager (VOM) on RemoteServer001 running Linux RHEL5.8. VOM is listening on TCP port 14161.
RemoteServer001# netstat -nlp |grep java
tcp 0 0 :::14161 :::* LISTEN 23340/java
I tried to access VOM through my browser (http://RemoteServer001:14161) and it failed with the message "page cannot be displayed".
My local desktop LocalDesktop001 is running Linux Fedora17. On further checking, I found that I am able to ssh (port 22) from LocalDesktop001 to RemoteServer001, but the firewall does not allow connections from LocalDesktop001 to port 14161 on RemoteServer001.
This means the command below fails.
LocalDesktop001# telnet RemoteServer001 14161 [Fails]
In Short:
LocalDesktop001 ==> RemoteServer001:22 [Works]
LocalDesktop001 ==> RemoteServer001:14161 [Fails because of firewall]
In this situation, we can send the traffic for port 14161 from LocalDesktop001 through the allowed port 22, so that it reaches RemoteServer001 as SSH traffic. The SSH server on RemoteServer001 handles this traffic and passes it on to port 14161 of RemoteServer001.
This is known as SSH tunneling!
On the LocalDesktop001 Linux system, run the command below to tunnel localhost:14161 over the SSH connection (port 22) to RemoteServer001:14161. The localhost in the middle of the -L argument is resolved on RemoteServer001, not on the desktop.
LocalDesktop001# ssh -f -N -L 14161:localhost:14161 root@RemoteServer001
-f : Requests ssh to go to background just before command execution
-N : Do not execute a remote command on remote server
Verify it on the local system:
LocalDesktop001# netstat -nlp|grep 14161
tcp 0 0 127.0.0.1:14161 0.0.0.0:* LISTEN 3907/ssh
Now, instead of http://RemoteServer001:14161, use the URL http://localhost:14161 (or http://127.0.0.1:14161) in the browser on LocalDesktop001. Web traffic will be tunneled to RemoteServer001 on port 14161 via the allowed TCP port 22.
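The netstat check above matters for more than confirming the tunnel is up: a forward bound to 127.0.0.1 is reachable only from the desktop itself, while one bound to a wildcard address (as with ssh -g or GatewayPorts) lets other hosts reach the VOM port through it. The script below is an added example, not part of the original post; the function names tunnel_cmd and listener_scope and the second sample line are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.

# Print the ssh command for a loopback-only local forward.
# Args: local_port remote_port user@host
tunnel_cmd() {
    lport=$1; rport=$2; target=$3
    for p in "$lport" "$rport"; do
        case $p in
            ''|*[!0-9]*) echo "invalid port: $p" >&2; return 1 ;;
        esac
        [ "$p" -ge 1 ] && [ "$p" -le 65535 ] || { echo "port out of range: $p" >&2; return 1; }
    done
    # ExitOnForwardFailure=yes: ssh exits instead of going to the background
    # when it cannot set up the requested forward.
    printf 'ssh -f -N -o ExitOnForwardFailure=yes -L 127.0.0.1:%s:localhost:%s %s\n' \
        "$lport" "$rport" "$target"
}

# Classify TCP listeners on a port from `netstat -nlp` output read on stdin.
# Prints "loopback", "exposed" (wildcard or non-loopback address) or "none".
listener_scope() {
    awk -v port="$1" '
        $1 ~ /^tcp/ && $6 == "LISTEN" {
            n = split($4, a, ":")
            if (a[n] != port) next
            addr = substr($4, 1, length($4) - length(a[n]) - 1)
            if (addr == "127.0.0.1" || addr == "::1") lo = 1; else ex = 1
        }
        END { print (ex ? "exposed" : (lo ? "loopback" : "none")) }'
}

# Sample input: the first line is the netstat output shown in the post; the
# second is constructed to show a forward bound to all interfaces.
SAMPLE_OK='tcp 0 0 127.0.0.1:14161 0.0.0.0:* LISTEN 3907/ssh'
SAMPLE_EXPOSED='tcp 0 0 0.0.0.0:14161 0.0.0.0:* LISTEN 3907/ssh'

tunnel_cmd 14161 14161 root@RemoteServer001
printf '%s\n' "$SAMPLE_OK" | listener_scope 14161
printf '%s\n' "$SAMPLE_EXPOSED" | listener_scope 14161
```

On a live system, pipe the real output in: netstat -nlp | listener_scope 14161.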
References:
http://www.revsys.com/writings/quicktips/ssh-tunnel.html