Access blocked computers with SSH tunneling port forwarding

SSH tunnelingConsider the above setup. Your computer with IP address can access another windows computer referred to as windows jump server here. The windows jump server has two network interfaces : one with IP and another with Your computer can connect to windows jump server over but has no visibility into network and therefore cannot connect to internal computer Here we look at a solution using ssh tunneling for accessing in without special admin privileges.

SSH tunneling allows means of passing data/traffic relating to another different service via SSH service. This allows ability to access network service that is otherwise not reachable due to

  1. Incapability of the underlying network.
  2. Firewalls or other procedures in place to isolate the internal network.

In the following examples we assume that SSH server is running on the windows jump server. To run SSH server on windows you can use Moba SSH Server.

Dynamic SSH tunneling (SOCKS Proxy)

SOCKS or socket secure is an Internet protocol that routes network packets between a client and server through a proxy server. Here all traffic pass through a local SOCKS proxy as shown below.

Dynamic SSH Tunneling

The command to use : ssh     -D 8080     [email protected]
Now ssh client in creates one SOCKS proxy server and binds to port 8080 and then connects to over SSH tunnel.
All client applications such as browsers should be reconfigured with the SOCKS proxy server at localhost and port 8080. Now if points to URL http://localhost, the request is sent to and executed there and will therefore be able to access as localhost. It could also now directly point to This option / settings work for all services and ports.

Local SSH tunneling

Dynamic tunneling allows sending packets to multiple destination ports, local port forwarding however limits communication to a single destination host/port.

Local Tunnelling

Command to use:             ssh   -L  8000:   [email protected]

In above example traffic on port 8000 on is redirected to server via If we point to URL http://localhost:8000/ on we can access the computer on port 80.

Related Posts