On Sun, 18 Apr 2004 00:44:39 +0200, IloChab <(E-Mail Removed)> wrote:
>
>
> I'm trying to do a double tunnelling with SSH:
>
> from PC1 to PC2 -L 10000:PC2:10000
> from PC3 to PC2 -R 10000:PC2:10000
>
> because I want to connect on port 10000 from PC1 to PC2.
>
> PC1 is on internet
> PC2 too, it has a public IP and it stands in front of PC3 that is on a LAN
>
> I can't do:
>
> -L 10000:PC3:10000 from PC1 to PC2
>
> because PC2 can only be reached on port 22 (both from outside and
> from inside) but IT CAN'T CONNECT to anyone on any port, either towards
> the inside or the outside.
>
> Am I doing something wrong, or can't SSH do double tunnelling???

You say you can only reach PC2 on port 22 but you are trying to bind the
tunnel to PC2's external IP:10000. The IP of -L is from the point of view
of sshd, and the IP of -R is from the point of view of the ssh client, so
I was thinking:

    from PC1 to PC2 -L 10000:127.0.0.1:10000
    from PC3 to PC2 -R 10000:127.0.0.1:10000

However, I have not been able to get -R 10000:127.0.0.1:10000 to work
(using a Perl daemon script answering on port 10000 of PC3), even though
ssh -v on PC3 appears to show it is successful and netstat -atn on PC2
shows the tunnel listening on 127.0.0.1:10000. Maybe the -R IP is remote
host only, since it did not work with the LAN IP of PC2 either.

From a normal ssh session from PC1 to PC2, I did get 'ssh PC1 -R
10000:PC3:10000' to work (localhost:10000 on PC1 accessed PC3:10000), but
that would be no different than 'ssh PC2 -L 10000:PC3:10000' from PC1 and
would not help you if the only access in/out of PC2 is port 22.

Middle PC should be PC2:

> Any other way to obtain that result???
> 22 _only_ 22
> PC1 --> PC3 <--- PC3
> (MAN) (public) (LAN)
> | ^
> V____________10000_________________|
>
> Licia
> (Sorry for my bad English, I hope anyone could understand)
--
David Efflandt - All spam ignored
http://www.de-srv.com/