3

I have a server at work which is behind a firewall (the company's firewall) so it is reachable only thrugh port 22 (SSH). I'm able to connect to the server with putty without problems.
Also, that server has Apache running and listening on port 80 as usual.
But I cant connect to the website using my browser since port 80 (and everyone else) is blocked by the company's firewall.

Is there a way I can make my browser to connect to Apache in that server so I can browse the site I'm working on?

Thanks.

Edit:

Since I was having no success with normal SSH tunneling techniques, I thought this problem was different from all those trying to pass through firewalls (and hence I asked here).
But I was mistaken, it's the exact same situation and a normal ssh-tunnel can solve the problem.

However, what made this problem a bit different (and the reason why I was being unsuccessful) is that the remote server was also behind a NAT, so the server's real IP was a private IP, not the public IP I use to start a SSH sesion.
One I realized that I put in my browser's address bar the server's private IP and voila! It worked like a charm.

GetFree
  • 1,500
  • 7
  • 23
  • 37

4 Answers4

5

From your edit I guess you were trying to use the tunnel as a socks proxy in your browser.
Consider, instead, using the tunnel as a one-to-one connection, i.e. making you PC to behave as a surrogate of the remote server:

On Windows use putty like this
putty.exe -L 80:localhost:80 userName@serverIp

Then navigate in your browser to http://localhost
That way you are effectively turning your PC into a surrogate web server listening on port 80.
No socks proxy configuration needed.

MilliaLover
  • 967
  • 1
  • 8
  • 8
  • I can't believe I didn't know this. Guess I rarely need to get around firewalls, but this is a sweet little trick! +1 – Gomibushi Apr 22 '10 at 06:16
1

I think you're looking for "ssh tunneling".

I just ...ahem... googled it and felt on this article between hundreds of others.

You might as well look at the "Related" questions on the right of this page.

SamK
  • 1,356
  • 3
  • 14
  • 28
1

ssh tunneling would work. connect via

ssh USER@host -L 8080:127.0.0.1:80

Now browse on your computer to 127.0.0.1:8080.

  • The port 8080 can be chosen freely.
  • 127.0.0.1 in the ssh connection ist the loopbackadress of your Webserver.
lepole
  • 1,733
  • 1
  • 10
  • 17
-2

Put in a request to your network team to open port 80 from your machine to that server. Make sure to state your business case for needing the port open.

Zypher
  • 37,405
  • 5
  • 53
  • 95
  • This advice is good if the user was trying to circumvent the company rules and get access to something "illegal". However, in this case, he already have access to the machine, but technical reasons prevent seeing some part of the services. Requiring the port 80 of that machine to be forwarded to a publicly accesible port on the outside of the firewall is a larger hassle and security risk than using an existing connection which is (hopefully) more secure, and the webserver is only exposed to this one user when the ssh is up. – Lenne Jan 14 '17 at 10:10
  • But normally, the answer to "How do I circumvent company firewall and policy?" is "Ask company to change rules, leave or get fired for breaking rules" – Lenne Jan 14 '17 at 10:16