Consider the above setup. Your computer, with IP address 192.168.56.101, can access another Windows computer, referred to here as the Windows jump server. The Windows jump server has two network interfaces: one with IP 192.168.56.102 and another with 10.10.1.10. Your computer can connect to the Windows jump server over 192.168.56.102 but has no visibility into the 10.10.1.0/24 network and therefore cannot connect to the internal computer 10.10.1.11. Here we look at a solution that uses SSH tunneling to access 10.10.1.11 from 192.168.56.101 without special admin privileges.
SSH tunneling is a means of passing the data/traffic of a different service through the SSH service. This makes it possible to access a network service that is otherwise not reachable due to:
- Incapability of the underlying network.
- Firewalls or other procedures in place to isolate the internal network.
In the following examples we assume that an SSH server is running on the Windows jump server. To run an SSH server on Windows you can use Moba SSH Server.
Dynamic SSH tunneling (SOCKS Proxy)
SOCKS, or Socket Secure, is an Internet protocol that routes network packets between a client and a server through a proxy server. Here all traffic passes through a local SOCKS proxy, as shown below.
The command to use: ssh -D 8080 [email protected]
All client applications, such as browsers, should be reconfigured to use the SOCKS proxy server at localhost, port 8080. Now if 192.168.56.101 points to the URL http://localhost, the request is sent to 192.168.56.102 and executed there, so it reaches 192.168.56.102 as localhost. It can also now point directly to 10.10.1.11. This option / setting works for all services and ports.
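What a client configured with the SOCKS proxy actually sends to localhost:8080, as an added example that is not part of the original article: the SOCKS5 (RFC 1928) greeting and CONNECT request, plus a reply parser. The function names are illustrative and the sample reply bytes are constructed; the code builds and parses the messages only and needs no network.

```python
# Added example: SOCKS5 (RFC 1928) messages a client sends to the local
# proxy opened by `ssh -D 8080`. Runs offline; nothing is transmitted.
import ipaddress
import struct

SOCKS_VERSION = 5
CMD_CONNECT = 1
ATYP_IPV4, ATYP_DOMAIN = 1, 3


def build_greeting() -> bytes:
    """Client hello offering one auth method: 0x00 (no authentication)."""
    return bytes([SOCKS_VERSION, 1, 0])


def build_connect(host: str, port: int) -> bytes:
    """CONNECT request; the destination is named inside every request."""
    try:
        addr = bytes([ATYP_IPV4]) + ipaddress.IPv4Address(host).packed
    except ipaddress.AddressValueError:
        # A hostname is sent unresolved, so it is resolved at the far end
        # of the tunnel (the jump server), not on the client.
        name = host.encode("idna")
        if not 0 < len(name) <= 255:
            raise ValueError("hostname must be 1..255 bytes")
        addr = bytes([ATYP_DOMAIN, len(name)]) + name
    return bytes([SOCKS_VERSION, CMD_CONNECT, 0]) + addr + struct.pack("!H", port)


def parse_reply(data: bytes) -> tuple:
    """Return (granted, bound_address, bound_port) from an IPv4 reply."""
    if len(data) < 10 or data[0] != SOCKS_VERSION or data[3] != ATYP_IPV4:
        raise ValueError("not an IPv4 SOCKS5 reply")
    granted = data[1] == 0  # REP 0x00: the proxy opened the connection
    bound_ip = str(ipaddress.IPv4Address(data[4:8]))
    return granted, bound_ip, struct.unpack("!H", data[8:10])[0]


if __name__ == "__main__":
    print(build_greeting().hex())
    print(build_connect("10.10.1.11", 80).hex())  # internal host by IP
    print(build_connect("localhost", 80).hex())   # name resolved remotely
    # Constructed sample reply: success, bound address 0.0.0.0:0
    print(parse_reply(bytes.fromhex("05000001000000000000")))
```

Because the destination travels inside each request, one listening port can reach any host and port the jump server can reach, and a name such as localhost is interpreted on the jump server's side.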
Local SSH tunneling
Dynamic tunneling allows sending packets to multiple destination ports; local port forwarding, however, limits communication to a single destination host/port.
Command to use: ssh -L 8000:10.10.1.11:80 [email protected]