Differences

tech:others:tunnels [2014/11/15 09:13] (current)
Line 1: Line 1:
 +====== Creating Tunnels for remote access ======
 +
 +Any one of the below command creates two tunnels, one for http requests and one for (Windows) RDP via remote host (example.org used in example). ​ The first one uses a "saved session"​ in putty, hence there is much information missing and in this case I have used SSH shared key authentication. ​ The 2nd command uses userid/​password authentication and does not depend on using a saved session. ​ As expected the 2nd command has more details. ​ Notice that one uses plink and another putty. ​ Both work.  The -N option ensures no session is established. ​ However this is optional and you can leave an open session, especially if you want to do other stuff with the session. ​ The option can be used with putty.exe also.
 +
 +"​C:​\Program Files\PuTTY\putty.exe"​ -C -load Home-Ub -L 8118:​localhost:​8118 -L 3390:​192.168.0.97:​3389
 +
 +"​C:​\Program Files\PuTTY\plink.exe"​ -C -N someuser@example.org -pw <​somepassword>​ -P <if not default> -L 8118:​localhost:​8118 -L 3390:​192.168.0.97:​3389
 +
 +The above won't work! See Common issues for reason. Use the line below. The RDP is optional and just not shown below but can be added
 +
 +"​C:​\Program Files\PuTTY\plink.exe"​ -C -N someuser@example.org -pw <​somepassword>​ -P 15023 -L 8118:​192.168.0.100:​8118
 +
 +===== Details =====
 +As simple as this setup is, a small mistake will prevent it from working and usually there is no proper debug or error messages to identify the issue.
 +
 +==== HTTP Tunnel ====
 +In order to create a tunnel to browse the internet via the tunnel IP as opposed to directly accessing the internet from the local IP, first create a proxy web server on any one of the servers in the remote location. ​ In this case we have privoxy web server running locally on the host that is used to tunnel on port 8118.  Our internet browser proxy setting is also localhost:​8118. ​ Once setup you should be good to go browsing via the tunnel. ​  I actually have another UNIX box running privoxy as well.  The IP of that box is 192.168.0.99. ​ If I wanted to tunnel via one box and use the 2nd as the web server, I can do that quite easily but just specifying "-L 8118:​192.168.0.99:​8118"​ instead of "-L 8118:​localhost:​8118"​. ​ However, this may not be the configuration you settle in at.  See Common Issues below.
 +
 +==== RDP Tunnel ====
 +The remote windows box is running on IP 192.168.0.97. ​ Since the local windows box gets confused if we use localhost:​3389 (it assumes you are connecting remote to your own box and refuses connection),​ we have changed the local port to 3390, but kept the remote windows box RDP listen port to its default of 3389.  Now connect via RDP to localhost:​3390 to connect to your remote windows box on port 3389.
 +
 +===== Common Issues =====
 +Instead of "-L 8118:​localhost:​8118"​ I initially had "-L 8118:​192.168.0.100:​8118"​ where 192.168.0.100 was the address of my localhost. ​ However this did not work and I got a Connection Interrupted - The connection to the server was reset while the page was loading. ​ Privoxy on 192.168.0.100 was configured to listen only to localhost and not 192.168.0.100 and does not seem to recognize they are the same.  See the listen-address setting in the privoxy configuration file.  Now while this works, when I used privoxy as my web filter/​proxy when accessing the internet from my local network (windows pc), it would not work.  I then edited Privoxy config file (located at /​etc/​privoxy/​config on Ubuntu) and changed "​listen-address ​ 127.0.0.1:​8118"​ to "​listen-address 192.168.0.100:​8118"​. ​ This made my web proxy work from my local network computer. ​  Of course now my tunnel does not work!  Edited the putty configuration from "-L 8118:​localhost:​8118"​ back to "-L 8118:​192.168.0.100:​8118"​ and the tunnel started to work as well.  It would be great if privoxy can listen on multiple addresses or recognize the localhost'​s IP as localhost. ​ However, the current setting takes care of what I need.
 +
 +===== Privoxy file locations in Ubuntu =====
 +^File^Description^
 +|/​etc/​init.d/​privoxy restart|Privoxy restart|
 +|/​var/​log/​privoxy/​logfile|Log file|
 +|/​var/​log/​privoxy/​errorfile|Error file|
 +|/​etc/​privoxy/​config|Configuration File|
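
Review bot: Both plink.exe lines pass the account password on the command line with "-pw <somepassword>", even though the intro paragraph says the saved-session variant already uses SSH shared key authentication. A command written this way ends up in shortcuts, batch files and process listings, so I would document the plink examples with key authentication as well and keep "-pw" out of the page. Separately, "The above won't work!" does not say which of the two commands it refers to, and the reason only appears in Common Issues: "-L 8118:localhost:8118" stops working once the Privoxy listen-address is changed from 127.0.0.1:8118 to 192.168.0.100:8118. Please state that dependency next to the commands and update the HTTP Tunnel section, which still describes localhost:8118 as the working setup. The listen-address paragraph should also say explicitly that the proxy is then reachable from the local network and no longer only from the host itself.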
  
