Tunnelling UDP Traffic Through An SSH Connection: Difference between revisions


Revision as of 17:44, 22 March 2007

Overview

This section describes how to use NST to tunnel a UDP traffic conversation through an SSH connection. For our example we will tunnel IPMItool traffic (UDP Port: 623) through an SSH connection to a Sun Fire X4200 server's Integrated Lights Out Manager (ILOM) service processor network interface. Three systems are involved: two NST probes and the x4200 server. Reference information was taken from: "Performing UDP tunneling through an SSH connection".

Step By Step:

Tunnel A TCP Forward Port Through SSH

First we need to establish the tunnel for a "non-used" TCP port from the local NST probe to the remote NST probe SSH server which shares the same LAN as the destination x4200 server.

Establish An SSH Connection With TCP Port Forwarding
[root@probe tmp]# ssh -p 31222 -L 9999:localhost:9999 root@55.44.22.178;
root@55.44.22.178's password:
Last login: Thu Mar 22 11:18:59 2007 from cpe-72-222-76-188.nycaper.res.rdr.com

===============================================
= Linux Network Security Toolkit (NST v1.5.0) =
===============================================

[root@probe-biostar ~]#

In this example SSH traffic is being NATed through a firewall. The SSH filtered port at the dirty side of the firewall is: "31222". We have chosen to use TCP port forwarding for the "non-used" TCP port: "9999". The remote NST probe's IP Address is: "55.44.22.178". On the local NST probe, TCP port: "9999" is bound to the localhost IP Address: "127.0.0.1".
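
The loopback binding described above is what keeps other hosts on the local network from reaching the forwarded port; starting ssh with "-g" or setting GatewayPorts changes it. The following check is an added example, not part of the original page: it assumes the iproute2 "ss" utility is available on the local probe, and the function names and sample listings are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify where a forwarded TCP port is listening.
# Reads `ss -ltn` output on stdin and prints one of:
#   loopback-only | exposed | not-listening
forward_exposure() {
    port="$1"
    awk -v port="$port" '
        $1 == "LISTEN" {
            addr = $4                       # Local Address:Port column
            n = split(addr, parts, ":")
            if (parts[n] != port) next      # port is the text after the last colon
            host = substr(addr, 1, length(addr) - length(parts[n]) - 1)
            found = 1
            # 127.0.0.0/8 and [::1] are loopback; anything else is reachable off-host
            if (host !~ /^127\./ && host != "[::1]") exposed = 1
        }
        END {
            if (!found) print "not-listening"
            else if (exposed) print "exposed"
            else print "loopback-only"
        }'
}

# Constructed sample: listing for the default -L bind used on this page.
SAMPLE_DEFAULT='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    127.0.0.1:9999      0.0.0.0:*
LISTEN 0      128    [::1]:9999          [::]:*
LISTEN 0      128    0.0.0.0:22          0.0.0.0:*'

# Constructed sample: the same forward when bound to all interfaces.
SAMPLE_WILDCARD='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:9999        0.0.0.0:*
LISTEN 0      128    0.0.0.0:22          0.0.0.0:*'

# Helper for trying the classifier on the embedded samples.
check_sample() { printf '%s\n' "$1" | forward_exposure "$2"; }

# On a live probe: ss -ltn | forward_exposure 9999
```

A result of "exposed" for port 9999 means any host that can reach the local probe can also reach the tunnel endpoint on the remote side.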

Use: "nc" To Translate TCP To UDP Forward On The SSH Server Side