0

I'm developing an application A that connects to remote server S on some port (>1024). For security reasons the server S only allows connections from a specific machine I with a whitelisted IP address. That's fine when running the application, but makes developing it a pain in the... lower back side. Is there a simpler way, without setting up a full-fledged VPN solution, that will allow me to run a program locally on my machine, L, which will simply establish and forward the entire connection via I to S?

In brief, what I want to accomplish is that when I run the program locally, it connects to S via I, allowing it to communicate via the whitelisted IP address.

Although it sounds like a MITM, it's not. A (and the host machine L) do not need to be agnostic and I have full access to every machine except the target machine S, so changing things like hosts files, network interfaces, and setting up ssh-tunnels are all fine.

All the servers are Linux (Ubuntu LTS), my local machine is a Mac running OSX.

1 Answer

0

How many ports are we talking about? If not many and they don't change, then:

1. Configure your application (A) on your machine (L) to use the IP/hostname of the server I instead of S.
2. Set up HAProxy on server I to proxy all the requests from L to S.

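    global
        daemon
        maxconn 256

    defaults
        mode tcp
        timeout connect 5000ms
        timeout client 50000ms
        timeout server 50000ms

    # Listens on I, port Y; the application on L connects here instead of to S
    frontend serverI
        bind *:Y
        default_backend serverS

    # Relays to S (X.X.X.X) on port Y, so S sees I's whitelisted address
    backend serverS
        server s X.X.X.X:Y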

Otherwise you might be able to set something up using an SSH tunnel between your host L and server I. Then, using iptables DNAT/SNAT, route traffic between server S and the tun interface on I, whilst pointing your application to tun on your laptop.

https://help.ubuntu.com/community/SSH_VPN

Andrey
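
A tightened variant of the configuration in the answer above, as an added example that is not part of the original answer: as written, `bind *:Y` relays any client that can reach I on port Y to S from I's whitelisted address, so this version admits only L's source address and logs each session. `203.0.113.10` is a constructed placeholder for L's public address, `X.X.X.X` and `Y` are the answer's own placeholders, and the syslog socket path assumes Ubuntu's default.

```haproxy
global
    daemon
    maxconn 256
    # Send logs to the local syslog socket (assumed path: Ubuntu default)
    log /dev/log local0

defaults
    mode tcp
    log global
    # One log line per TCP session: client address, timing, bytes relayed
    option tcplog
    timeout connect 5000ms
    timeout client 50000ms
    timeout server 50000ms

frontend serverI
    bind *:Y
    # Constructed placeholder for L's public address
    acl from_dev src 203.0.113.10
    # Reject every other source before it is relayed to S
    tcp-request connection reject unless from_dev
    default_backend serverS

backend serverS
    server s X.X.X.X:Y
```

If L's address changes often, the same ACL can list a CIDR range, at the cost of widening who can ride I's whitelisted address.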