23

Using Putty, I have set up a reverse proxy which allows me to connect on port 8080 of the server at server.tld to port 80 of the machine which initiated the SSH connection.

The server allows me to connect on localhost:8080 and returns the result of initiator:80 when I connect on the server.

This question says to enable GatewayPorts and bind to all addresses.

Using Putty, how can I expose port 8080 on the server so that when a request comes through on the external interface (e.g. a web request) the port is forwarded to the initiator:80?

enter image description here

Community
  • 1
Darbio
  • 557
  • 1
  • 5
  • 15
  • Can you detail exactly what you're putting into the PuTTY dialog to create the tunnel? – EightBitTony May 10 '12 at 13:55
  • Added a screenshot - ports are different than the example text, however this is not allowing a request on the external interface to route through the tunnel (e.g. 1.2.3.4:8080). Internal requests are routed (localhost:8080). – Darbio May 11 '12 at 04:51
  • What does netstat -an | grep 8080 show? And when you say not allowing, what do you mean? Do you have a firewall blocking connections to port 8080? – EightBitTony May 11 '12 at 06:47

1 Answers1

24

There are two checkboxes when setting up the PuTTY tunnel,

  • Local ports accept connections from other hosts
  • Remote ports do the same (SSH-2 only)

the second of those does what you need.

I just tested it,

PuTTY tunnels dialog,

  • Tick Remote ports ...
  • Put 8080 into Source port
  • Put 127.0.0.1:80 into Destination port
  • Select 'Remote' radio button
  • Click Add
  • Connect

Works fine, here's the resulting netstat,

# netstat -an | grep 8080
tcp        0      0 0.0.0.0:8080            0.0.0.0:*               LISTEN
tcp6       0      0 :::8080                 :::*                    LISTEN

You can also use plink.exe that comes with PuTTY, for example,

plink -R *:8080:localhost:80 user@remote.host.example

which works fine as well.

# netstat -an | grep 8080
tcp        0      0 0.0.0.0:8080            0.0.0.0:*               LISTEN
tcp6       0      0 :::8080                 :::*                    LISTEN

If you're still getting 127.0.0.1:8080 on the host, then GatewayPorts is still set to no in your sshd config.

Also, don't forget to update the firewall on the target server to allow external connections to port 8080.

EightBitTony
  • 9,311
  • 1
  • 34
  • 46
  • No - it doesn't seem to give me the same behaviour as `ssh -R *:8080:localhost:80` should it? – Darbio May 10 '12 at 12:35
  • GatewayPorts is set to yes. It works with the `ssh -R \*:8080:localhost:80` command, just couldn;t figure it out in PuTTy – Darbio May 11 '12 at 04:52
  • @Darbio did you ever figure it out in putty? – barlop May 27 '16 at 17:51
  • 1
    I do use port forwarding a lot, usually on local2remote way (vnc, proxy, etc), and this time didn't work the remote2local port, no matter what option i checked, port doesn't appear as open on remote. Using `plink` directly did worked with no problem using same commands than regular ssh. I could not understand what did the putty make it don't work... – m3nda Jan 01 '17 at 22:37